{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","type":"deb","namespace":"debian","name":"apache2","version":"2.4.66-8","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3665?format=json","vulnerability_id":"VCID-112d-h2a5-xbc4","summary":"A memory leak in mod_ssl allows a remote denial of service attack against an SSL-enabled server by sending plain HTTP requests to the SSL port.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0113.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0113.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0113","reference_id":"","reference_type":"","scores":[{"value":"0.15723","scoring_system":"epss","scoring_elements":"0.94717","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15723","scoring_system":"epss","scoring_elements":"0.9468","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15723","scoring_system":"epss","scoring_elements":"0.94688","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15723","scoring_system":"epss","scoring_elements":"0.94692","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15723","scoring_system":"epss","scoring_elements":"0.94694","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15723","scoring_system":"epss","scoring_elements":"0.94704","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15723","scoring_system":"epss","scoring_elements":"0.94708","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15723","scoring_system":"epss","scoring_elements":"0.94713","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15723","scoring_system":"epss","scoring_elements":"0.94716","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0113"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617157","reference_id":"1617157","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617157"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0113.json","reference_id":"CVE-2004-0113","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0113.json"},{"reference_url":"https://security.gentoo.org/glsa/200403-04","reference_id":"GLSA-200403-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200403-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:084","reference_id":"RHSA-2004:084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:182","reference_id":"RHSA-2004:182","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:182"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586667?format=json","purl":"pkg:deb/debian/apache2@2.0.52?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.52%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2004-0113"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-112d-h2a5-xbc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3700?format=json","vulnerability_id":"VCID-115r-fep2-fyfm","summary":"A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer is enabled, an authorized user could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6422.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6422.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6422","reference_id":"","reference_type":"","scores":[{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.902","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90155","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90158","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.9017","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90176","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90191","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90197","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90206","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90205","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6422"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427230","reference_id":"427230","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427230"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-6422.json","reference_id":"CVE-2007-6422","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-6422.json"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583259?format=json","purl":"pkg:deb/debian/apache2@2.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-6422"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-115r-fep2-fyfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3769?format=json","vulnerability_id":"VCID-1189-ej89-hybs","summary":"mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3169","reference_id":"","reference_type":"","scores":[{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96968","published_at":"2026-04-01T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96996","published_at":"2026-04-13T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96991","published_at":"2026-04-08T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96992","published_at":"2026-04-09T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96994","published_at":"2026-04-11T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96995","published_at":"2026-04-12T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96976","published_at":"2026-04-02T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.9698","published_at":"2026-04-04T12:55:00Z"},{"value":"0.34517","scoring_system":"epss","scoring_elements":"0.96982","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463197","reference_id":"1463197","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463197"},{"reference_url":"https://security.archlinux.org/ASA-201706-34","reference_id":"ASA-201706-34","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-34"},{"reference_url":"https://security.archlinux.org/AVG-316","reference_id":"AVG-316","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-316"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-3169.json","reference_id":"CVE-2017-3169","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-3169.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2478","reference_id":"RHSA-2017:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3475","reference_id":"RHSA-2017:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3476","reference_id":"RHSA-2017:3476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3477","reference_id":"RHSA-2017:3477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3477"},{"reference_url":"https://usn.ubuntu.com/3340-1/","reference_id":"USN-3340-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3340-1/"},{"reference_url":"https://usn.ubuntu.com/3373-1/","reference_id":"USN-3373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584426?format=json","purl":"pkg:deb/debian/apache2@2.4.25-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2017-3169"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1189-ej89-hybs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3813?format=json","vulnerability_id":"VCID-17hy-4ppt-xyhw","summary":"Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted SessionHeader sent by an origin server could cause a heap overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26691.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26691.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-26691","reference_id":"","reference_type":"","scores":[{"value":"0.40357","scoring_system":"epss","scoring_elements":"0.97325","published_at":"2026-04-01T12:55:00Z"},{"value":"0.40357","scoring_system":"epss","scoring_elements":"0.97348","published_at":"2026-04-13T12:55:00Z"},{"value":"0.40357","scoring_system":"epss","scoring_elements":"0.97344","published_at":"2026-04-09T12:55:00Z"},{"value":"0.40357","scoring_system":"epss","scoring_elements":"0.97346","published_at":"2026-04-11T12:55:00Z"},{"value":"0.40357","scoring_system":"epss","scoring_elements":"0.97347","published_at":"2026-04-12T12:55:00Z"},{"value":"0.40357","scoring_system":"epss","scoring_elements":"0.97332","published_at":"2026-04-02T12:55:00Z"},{"value":"0.40357","scoring_system":"epss","scoring_elements":"0.97336","published_at":"2026-04-07T12:55:00Z"},{"value":"0.40357","scoring_system":"epss","scoring_elements":"0.97343","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-26691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966732","reference_id":"1966732","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966732"},{"reference_url":"https://security.archlinux.org/AVG-2053","reference_id":"AVG-2053","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2053"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-26691.json","reference_id":"CVE-2021-26691","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-26691.json"},{"reference_url":"https://security.gentoo.org/glsa/202107-38","reference_id":"GLSA-202107-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-38"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3816","reference_id":"RHSA-2021:3816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4613","reference_id":"RHSA-2021:4613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4614","reference_id":"RHSA-2021:4614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0143","reference_id":"RHSA-2022:0143","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0143"},{"reference_url":"https://usn.ubuntu.com/4994-1/","reference_id":"USN-4994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4994-1/"},{"reference_url":"https://usn.ubuntu.com/4994-2/","reference_id":"USN-4994-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4994-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585157?format=json","purl":"pkg:deb/debian/apache2@2.4.46-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.46-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-26691"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-17hy-4ppt-xyhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3741?format=json","vulnerability_id":"VCID-1bv2-mkj8-ubaz","summary":"mod_rewrite does not filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html"},{"reference_url":"http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch","reference_id":"","reference_type":"","scores":[],"url":"http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0815.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0815.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1862","reference_id":"","reference_type":"","scores":[{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97309","published_at":"2026-04-13T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97287","published_at":"2026-04-01T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97307","published_at":"2026-04-11T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97308","published_at":"2026-04-12T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97292","published_at":"2026-04-02T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97297","published_at":"2026-04-04T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97298","published_at":"2026-04-07T12:55:00Z"},{"value":"0.39611","scoring_system":"epss","scoring_elements":"0.97304","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862"},{"reference_url":"http://secunia.com/advisories/55032","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/55032"},{"reference_url":"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534"},{"reference_url":"http://support.apple.com/kb/HT6150","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT6150"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=r1469311","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=r1469311"},{"reference_url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862","reference_id":"","reference_type":"","scores":[],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21644047","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21644047"},{"reference_url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:174","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:174"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"},{"reference_url":"http://www.securityfocus.com/bid/59826","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/59826"},{"reference_url":"http://www.securityfocus.com/bid/64758","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/64758"},{"reference_url":"http://www.ubuntu.com/usn/USN-1903-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1903-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=953729","reference_id":"953729","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=953729"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-1862.json","reference_id":"CVE-2013-1862","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-1862.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1862","reference_id":"CVE-2013-1862","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1862"},{"reference_url":"https://security.gentoo.org/glsa/201309-12","reference_id":"GLSA-201309-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0815","reference_id":"RHSA-2013:0815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1133","reference_id":"RHSA-2013:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1134","reference_id":"RHSA-2013:1134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1207","reference_id":"RHSA-2013:1207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1208","reference_id":"RHSA-2013:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1209","reference_id":"RHSA-2013:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1209"},{"reference_url":"https://usn.ubuntu.com/1903-1/","reference_id":"USN-1903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586778?format=json","purl":"pkg:deb/debian/apache2@2.4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2013-1862"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1bv2-mkj8-ubaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3745?format=json","vulnerability_id":"VCID-1d24-sy5z-jfhh","summary":"HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. This fix adds the \"MergeTrailers\" directive to restore legacy behavior.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-5704","reference_id":"","reference_type":"","scores":[{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.9846","published_at":"2026-04-13T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98446","published_at":"2026-04-01T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98448","published_at":"2026-04-02T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98451","published_at":"2026-04-04T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98453","published_at":"2026-04-07T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98457","published_at":"2026-04-08T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98458","published_at":"2026-04-09T12:55:00Z"},{"value":"0.64689","scoring_system":"epss","scoring_elements":"0.98461","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-5704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1082903","reference_id":"1082903","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1082903"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-5704.json","reference_id":"CVE-2013-5704","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-5704.json"},{"reference_url":"https://security.gentoo.org/glsa/201504-03","reference_id":"GLSA-201504-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201504-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1972","reference_id":"RHSA-2014:1972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0325","reference_id":"RHSA-2015:0325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1249","reference_id":"RHSA-2015:1249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2661","reference_id":"RHSA-2015:2661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0061","reference_id":"RHSA-2016:0061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0062","reference_id":"RHSA-2016:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0062"},{"reference_url":"https://usn.ubuntu.com/2523-1/","reference_id":"USN-2523-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2523-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585949?format=json","purl":"pkg:deb/debian/apache2@2.4.10-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2013-5704"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1d24-sy5z-jfhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3693?format=json","vulnerability_id":"VCID-1nh6-77uc-xbak","summary":"A bug was found in the mod_cache module. On sites where caching is enabled, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module.","references":[{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=186219","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=186219"},{"reference_url":"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244658","reference_id":"","reference_type":"","scores":[],"url":"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244658"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_20.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_20.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"},{"reference_url":"http://lists.vmware.com/pipermail/security-announce/2009/000062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.vmware.com/pipermail/security-announce/2009/000062.html"},{"reference_url":"http://osvdb.org/37079","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/37079"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2007-0534.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2007-0534.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2007-0556.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2007-0556.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1863.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1863.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1863","reference_id":"","reference_type":"","scores":[{"value":"0.27987","scoring_system":"epss","scoring_elements":"0.9647","published_at":"2026-04-13T12:55:00Z"},{"value":"0.27987","scoring_system":"epss","scoring_elements":"0.96452","published_at":"2026-04-07T12:55:00Z"},{"value":"0.27987","scoring_system":"epss","scoring_elements":"0.9646","published_at":"2026-04-08T12:55:00Z"},{"value":"0.27987","scoring_system":"epss","scoring_elements":"0.96463","published_at":"2026-04-09T12:55:00Z"},{"value":"0.27987","scoring_system":"epss","scoring_elements":"0.96467","published_at":"2026-04-12T12:55:00Z"},{"value":"0.36211","scoring_system":"epss","scoring_elements":"0.97074","published_at":"2026-04-01T12:55:00Z"},{"value":"0.36211","scoring_system":"epss","scoring_elements":"0.97081","published_at":"2026-04-02T12:55:00Z"},{"value":"0.36211","scoring_system":"epss","scoring_elements":"0.97086","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863"},{"reference_url":"http://secunia.com/advisories/25830","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25830"},{"reference_url":"http://secunia.com/advisories/25873","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25873"},{"reference_url":"http://secunia.com/advisories/25920","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25920"},{"reference_url":"http://secunia.com/advisories/26273","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26273"},{"reference_url":"http://secunia.com/advisories/26443","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26443"},{"reference_url":"http://secunia.com/advisories/26508","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26508"},{"reference_url":"http://secunia.com/advisories/26822","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26822"},{"reference_url":"http://secunia.com/advisories/26842","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26842"},{"reference_url":"http://secunia.com/advisories/26993","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26993"},{"reference_url":"http://secunia.com/advisories/27037","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/27037"},{"reference_url":"http://secunia.com/advisories/27563","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/27563"},{"reference_url":"http://secunia.com/advisories/27732","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/27732"},{"reference_url":"http://secunia.com/advisories/28606","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/28606"},{"reference_url":"http://secunia.com/advisories/30430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30430"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200711-06.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200711-06.xml"},{"reference_url":"https://issues.rpath.com/browse/RPL-1500","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1500"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9824","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9824"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2007-0533.html","reference_id":"","reference_type":"","scores":[],"url":"https://rhn.redhat.com/errata/RHSA-2007-0533.html"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm"},{"reference_url":"http://svn.apache.org/viewvc?view=rev&revision=535617","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=rev&revision=535617"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK49355","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK49355"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702"},{"reference_url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:141"},{"reference_url":"http://www.novell.com/linux/security/advisories/2007_61_apache2.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2007_61_apache2.html"},{"reference_url":"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0557.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0557.html"},{"reference_url":"http://www.securityfocus.com/archive/1/505990/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/505990/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/24649","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/24649"},{"reference_url":"http://www.securitytracker.com/id?1018303","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1018303"},{"reference_url":"http://www.trustix.org/errata/2007/0026/","reference_id":"","reference_type":"","scores":[],"url":"http://www.trustix.org/errata/2007/0026/"},{"reference_url":"http://www.ubuntu.com/usn/usn-499-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-499-1"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-150A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-150A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2007/2727","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/2727"},{"reference_url":"http://www.vupen.com/english/advisories/2007/3283","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/3283"},{"reference_url":"http://www.vupen.com/english/advisories/2007/3386","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/3386"},{"reference_url":"http://www.vupen.com/english/advisories/2008/0233","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/0233"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1697","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1697"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=244658","reference_id":"244658","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=244658"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-1863.json","reference_id":"CVE-2007-1863","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-1863.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1863","reference_id":"CVE-2007-1863","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1863"},{"reference_url":"https://security.gentoo.org/glsa/200711-06","reference_id":"GLSA-200711-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0533","reference_id":"RHSA-2007:0533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0534","reference_id":"RHSA-2007:0534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0556","reference_id":"RHSA-2007:0556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0557","reference_id":"RHSA-2007:0557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0557"},{"reference_url":"https://usn.ubuntu.com/499-1/","reference_id":"USN-499-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/499-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584750?format=json","purl":"pkg:deb/debian/apache2@2.2.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-1863"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1nh6-77uc-xbak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3656?format=json","vulnerability_id":"VCID-1v86-mmdn-z3fk","summary":"A bug in the optional renegotiation code in mod_ssl included with Apache httpd can cause cipher suite restrictions to be ignored. This is triggered if optional renegotiation is used (SSLOptions +OptRenegotiate) along with verification of client certificates and a change to the cipher suite over the renegotiation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0192.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0192.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0192","reference_id":"","reference_type":"","scores":[{"value":"0.11824","scoring_system":"epss","scoring_elements":"0.9372","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11824","scoring_system":"epss","scoring_elements":"0.9368","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11824","scoring_system":"epss","scoring_elements":"0.9369","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11824","scoring_system":"epss","scoring_elements":"0.93701","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11824","scoring_system":"epss","scoring_elements":"0.93704","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11824","scoring_system":"epss","scoring_elements":"0.93713","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11824","scoring_system":"epss","scoring_elements":"0.93715","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11824","scoring_system":"epss","scoring_elements":"0.93719","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0192"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0192","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616998","reference_id":"1616998","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616998"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2003-0192.json","reference_id":"CVE-2003-0192","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2003-0192.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:240","reference_id":"RHSA-2003:240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:243","reference_id":"RHSA-2003:243","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:243"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:244","reference_id":"RHSA-2003:244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:290","reference_id":"RHSA-2003:290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:301","reference_id":"RHSA-2003:301","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:301"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584275?format=json","purl":"pkg:deb/debian/apache2@2.0.47?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.47%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2003-0192"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1v86-mmdn-z3fk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92275?format=json","vulnerability_id":"VCID-1wh1-9ccd-s7hq","summary":"The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS) attacks, gain privileges, or obtain sensitive information via vectors involving localhost HTTP requests to the Apache HTTP Server.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0216","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1607","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16253","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16315","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16113","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16198","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16263","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16246","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16206","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16138","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0216"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584210?format=json","purl":"pkg:deb/debian/apache2@2.2.22-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2012-0216"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1wh1-9ccd-s7hq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3749?format=json","vulnerability_id":"VCID-1zk6-7wv2-ukcz","summary":"A resource consumption flaw was found in mod_deflate. If request body decompression was configured (using the \"DEFLATE\" input filter), a remote attacker could cause the server to consume significant memory and/or CPU resources. The use of request body decompression is not a common configuration.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0304.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0304.html"},{"reference_url":"http://advisories.mageia.org/MGASA-2014-0305.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0305.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=143403519711434&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143403519711434&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1019.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1019.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1020.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1020.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1021.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1021.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0118","reference_id":"","reference_type":"","scores":[{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97395","published_at":"2026-04-13T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97372","published_at":"2026-04-01T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97392","published_at":"2026-04-09T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97394","published_at":"2026-04-12T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97378","published_at":"2026-04-02T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97383","published_at":"2026-04-04T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97384","published_at":"2026-04-07T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.9739","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246","reference_id":"","reference_type":"","scores":[],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://puppet.com/security/cve/cve-2014-0118","reference_id":"","reference_type":"","scores":[],"url":"https://puppet.com/security/cve/cve-2014-0118"},{"reference_url":"https://support.apple.com/HT204659","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT204659"},{"reference_url":"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_deflate.c?r1=1604353&r2=1610501&diff_format=h"},{"reference_url":"http://www.debian.org/security/2014/dsa-2989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-2989"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"},{"reference_url":"http://www.securityfocus.com/bid/68745","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/68745"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120601","reference_id":"1120601","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120601"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-0118.json","reference_id":"CVE-2014-0118","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-0118.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0118","reference_id":"CVE-2014-0118","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0118"},{"reference_url":"https://security.gentoo.org/glsa/201504-03","reference_id":"GLSA-201504-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201504-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0920","reference_id":"RHSA-2014:0920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0921","reference_id":"RHSA-2014:0921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0922","reference_id":"RHSA-2014:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1019","reference_id":"RHSA-2014:1019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1020","reference_id":"RHSA-2014:1020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1021","reference_id":"RHSA-2014:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1086","reference_id":"RHSA-2014:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1087","reference_id":"RHSA-2014:1087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1088","reference_id":"RHSA-2014:1088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1088"},{"reference_url":"https://usn.ubuntu.com/2299-1/","reference_id":"USN-2299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2299-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582592?format=json","purl":"pkg:deb/debian/apache2@2.4.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2014-0118"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1zk6-7wv2-ukcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3699?format=json","vulnerability_id":"VCID-2261-sdn2-zbbu","summary":"A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer is enabled, a cross-site scripting attack against an authorized user is possible.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6421.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6421.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6421","reference_id":"","reference_type":"","scores":[{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87033","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.86981","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.86992","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87011","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87004","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87024","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87031","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87045","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03213","scoring_system":"epss","scoring_elements":"0.87039","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6421"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427229","reference_id":"427229","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427229"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-6421.json","reference_id":"CVE-2007-6421","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-6421.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583259?format=json","purl":"pkg:deb/debian/apache2@2.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-6421"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2261-sdn2-zbbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90504?format=json","vulnerability_id":"VCID-27q1-umct-1qe3","summary":"Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a long URL.  NOTE: the vendor could not reproduce this issue","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6423.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6423.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6423","reference_id":"","reference_type":"","scores":[{"value":"0.0366","scoring_system":"epss","scoring_elements":"0.87889","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0366","scoring_system":"epss","scoring_elements":"0.87886","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0366","scoring_system":"epss","scoring_elements":"0.87897","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0366","scoring_system":"epss","scoring_elements":"0.87891","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0366","scoring_system":"epss","scoring_elements":"0.87858","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0366","scoring_system":"epss","scoring_elements":"0.8788","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04888","scoring_system":"epss","scoring_elements":"0.89546","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04888","scoring_system":"epss","scoring_elements":"0.89559","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04888","scoring_system":"epss","scoring_elements":"0.89543","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6423"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-6423"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-27q1-umct-1qe3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3869?format=json","vulnerability_id":"VCID-2d8p-bbc1-hkfa","summary":"Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd=\"...\" directives.\n\nThis issue affects Apache HTTP Server before 2.4.66.\n\nUsers are recommended to upgrade to version 2.4.66, which fixes the issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58098.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58098.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58098","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07443","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07398","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08736","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08771","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08772","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.0875","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08669","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08745","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58098"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58098","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58098"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926","reference_id":"1121926","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419365","reference_id":"2419365","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419365"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2025-58098.json","reference_id":"CVE-2025-58098","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2025-58098.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23732","reference_id":"RHSA-2025:23732","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23732"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23919","reference_id":"RHSA-2025:23919","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23919"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23932","reference_id":"RHSA-2025:23932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0009","reference_id":"RHSA-2026:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0010","reference_id":"RHSA-2026:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0011","reference_id":"RHSA-2026:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0012","reference_id":"RHSA-2026:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0074","reference_id":"RHSA-2026:0074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0075","reference_id":"RHSA-2026:0075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0090","reference_id":"RHSA-2026:0090","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0090"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0095","reference_id":"RHSA-2026:0095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0139","reference_id":"RHSA-2026:0139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0141","reference_id":"RHSA-2026:0141","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0141"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0171","reference_id":"RHSA-2026:0171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2994","reference_id":"RHSA-2026:2994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2995","reference_id":"RHSA-2026:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2995"},{"reference_url":"https://usn.ubuntu.com/7968-1/","reference_id":"USN-7968-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7968-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583891?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583892?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583893?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2025-58098"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2d8p-bbc1-hkfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3847?format=json","vulnerability_id":"VCID-2e6w-fs4j-17g9","summary":"HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27316.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27316.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27316","reference_id":"","reference_type":"","scores":[{"value":"0.89409","scoring_system":"epss","scoring_elements":"0.99546","published_at":"2026-04-13T12:55:00Z"},{"value":"0.89409","scoring_system":"epss","scoring_elements":"0.99542","published_at":"2026-04-02T12:55:00Z"},{"value":"0.89409","scoring_system":"epss","scoring_elements":"0.99543","published_at":"2026-04-04T12:55:00Z"},{"value":"0.89409","scoring_system":"epss","scoring_elements":"0.99545","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412","reference_id":"1068412","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412"},{"reference_url":"https://www.openwall.com/lists/oss-security/2024/04/03/16","reference_id":"16","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:46:29Z/"}],"url":"https://www.openwall.com/lists/oss-security/2024/04/03/16"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/18","reference_id":"18","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:46:29Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/18"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268277","reference_id":"2268277","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2268277"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/04/04/4","reference_id":"4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:46:29Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/04/04/4"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-27316.json","reference_id":"CVE-2024-27316","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-27316.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://support.apple.com/kb/HT214119","reference_id":"HT214119","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-29T15:46:29Z/"}],"url":"https://support.apple.com/kb/HT214119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1786","reference_id":"RHSA-2024:1786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1872","reference_id":"RHSA-2024:1872","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1872"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2564","reference_id":"RHSA-2024:2564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2693","reference_id":"RHSA-2024:2693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2694","reference_id":"RHSA-2024:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2891","reference_id":"RHSA-2024:2891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2907","reference_id":"RHSA-2024:2907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3402","reference_id":"RHSA-2024:3402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3417","reference_id":"RHSA-2024:3417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4390","reference_id":"RHSA-2024:4390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16668","reference_id":"RHSA-2025:16668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16668"},{"reference_url":"https://usn.ubuntu.com/6729-1/","reference_id":"USN-6729-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6729-1/"},{"reference_url":"https://usn.ubuntu.com/6729-2/","reference_id":"USN-6729-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6729-2/"},{"reference_url":"https://usn.ubuntu.com/6729-3/","reference_id":"USN-6729-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6729-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582458?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582459?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582460?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-27316"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2e6w-fs4j-17g9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3760?format=json","vulnerability_id":"VCID-2nmh-7tfa-zyb2","summary":"Prior to Apache HTTP release 2.4.25, mod_sessioncrypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC. An authentication tag (SipHash MAC) is now added to prevent such attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0736.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0736.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0736","reference_id":"","reference_type":"","scores":[{"value":"0.4168","scoring_system":"epss","scoring_elements":"0.97392","published_at":"2026-04-01T12:55:00Z"},{"value":"0.4168","scoring_system":"epss","scoring_elements":"0.97418","published_at":"2026-04-13T12:55:00Z"},{"value":"0.4168","scoring_system":"epss","scoring_elements":"0.97416","published_at":"2026-04-11T12:55:00Z"},{"value":"0.4168","scoring_system":"epss","scoring_elements":"0.97417","published_at":"2026-04-12T12:55:00Z"},{"value":"0.4168","scoring_system":"epss","scoring_elements":"0.97399","published_at":"2026-04-02T12:55:00Z"},{"value":"0.4168","scoring_system":"epss","scoring_elements":"0.97403","published_at":"2026-04-04T12:55:00Z"},{"value":"0.4168","scoring_system":"epss","scoring_elements":"0.97406","published_at":"2026-04-07T12:55:00Z"},{"value":"0.4168","scoring_system":"epss","scoring_elements":"0.97413","published_at":"2026-04-08T12:55:00Z"},{"value":"0.4168","scoring_system":"epss","scoring_elements":"0.97414","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406744","reference_id":"1406744","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406744"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/40961.py","reference_id":"CVE-2016-0736","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/40961.py"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-0736.json","reference_id":"CVE-2016-0736","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-0736.json"},{"reference_url":"https://www.redteam-pentesting.de/advisories/rt-sa-2016-001.txt","reference_id":"CVE-2016-0736","reference_type":"exploit","scores":[],"url":"https://www.redteam-pentesting.de/advisories/rt-sa-2016-001.txt"},{"reference_url":"https://security.gentoo.org/glsa/201701-36","reference_id":"GLSA-201701-36","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0906","reference_id":"RHSA-2017:0906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1161","reference_id":"RHSA-2017:1161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1413","reference_id":"RHSA-2017:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1414","reference_id":"RHSA-2017:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1415","reference_id":"RHSA-2017:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1415"},{"reference_url":"https://usn.ubuntu.com/3279-1/","reference_id":"USN-3279-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3279-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582509?format=json","purl":"pkg:deb/debian/apache2@2.4.25-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2016-0736"],"risk_score":9.8,"exploitability":"2.0","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2nmh-7tfa-zyb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3765?format=json","vulnerability_id":"VCID-2xc4-7zg9-y7fw","summary":"HTTP_PROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the \"HTTP_PROXY\" variable from a \"Proxy:\" header, which has never been registered by IANA. This workaround and patch are documented in the ASF Advisory at asf-httpoxy-response.txt and incorporated in the 2.4.25 and 2.2.32 releases. Note: This is not assigned an httpd severity, as it is a defect in other software which overloaded well-established CGI environment variables, and does not reflect an error in HTTP server software.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1624.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1624.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1625.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1625.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1648.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1648.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1649.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1649.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1650.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1650.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1635","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1636","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1636"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5387","reference_id":"","reference_type":"","scores":[{"value":"0.41959","scoring_system":"epss","scoring_elements":"0.9741","published_at":"2026-04-02T12:55:00Z"},{"value":"0.41959","scoring_system":"epss","scoring_elements":"0.97403","published_at":"2026-04-01T12:55:00Z"},{"value":"0.60283","scoring_system":"epss","scoring_elements":"0.98278","published_at":"2026-04-13T12:55:00Z"},{"value":"0.60283","scoring_system":"epss","scoring_elements":"0.98268","published_at":"2026-04-04T12:55:00Z"},{"value":"0.60283","scoring_system":"epss","scoring_elements":"0.98269","published_at":"2026-04-07T12:55:00Z"},{"value":"0.60283","scoring_system":"epss","scoring_elements":"0.98274","published_at":"2026-04-09T12:55:00Z"},{"value":"0.60283","scoring_system":"epss","scoring_elements":"0.98277","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03770en_us"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"},{"reference_url":"https://httpoxy.org/","reference_id":"","reference_type":"","scores":[],"url":"https://httpoxy.org/"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/"},{"reference_url":"https://support.apple.com/HT208221","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT208221"},{"reference_url":"https://www.apache.org/security/asf-httpoxy-response.txt","reference_id":"","reference_type":"","scores":[],"url":"https://www.apache.org/security/asf-httpoxy-response.txt"},{"reference_url":"https://www.tenable.com/security/tns-2017-04","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2017-04"},{"reference_url":"http://www.debian.org/security/2016/dsa-3623","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3623"},{"reference_url":"http://www.kb.cert.org/vuls/id/797896","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/797896"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.securityfocus.com/bid/91816","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91816"},{"reference_url":"http://www.securitytracker.com/id/1036330","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036330"},{"reference_url":"http://www.ubuntu.com/usn/USN-3038-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3038-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1353755","reference_id":"1353755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1353755"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-5387.json","reference_id":"CVE-2016-5387","reference_type":"","scores":[{"value":"n/a","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-5387.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5387","reference_id":"CVE-2016-5387","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5387"},{"reference_url":"https://security.gentoo.org/glsa/201701-36","reference_id":"GLSA-201701-36","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1420","reference_id":"RHSA-2016:1420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1421","reference_id":"RHSA-2016:1421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1422","reference_id":"RHSA-2016:1422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1625","reference_id":"RHSA-2016:1625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1648","reference_id":"RHSA-2016:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1649","reference_id":"RHSA-2016:1649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1650","reference_id":"RHSA-2016:1650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1851","reference_id":"RHSA-2016:1851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1851"},{"reference_url":"https://usn.ubuntu.com/3038-1/","reference_id":"USN-3038-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3038-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585876?format=json","purl":"pkg:deb/debian/apache2@2.4.23-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.23-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2016-5387"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2xc4-7zg9-y7fw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3675?format=json","vulnerability_id":"VCID-31wm-xbg1-c7ds","summary":"A flaw in Apache 2.0.51 (only) broke the merging of the Satisfy directive which could result in access being granted to resources despite any configured authentication","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0811.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0811.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0811","reference_id":"","reference_type":"","scores":[{"value":"0.04066","scoring_system":"epss","scoring_elements":"0.88539","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04066","scoring_system":"epss","scoring_elements":"0.88484","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04066","scoring_system":"epss","scoring_elements":"0.88492","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04066","scoring_system":"epss","scoring_elements":"0.88509","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04066","scoring_system":"epss","scoring_elements":"0.88512","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04066","scoring_system":"epss","scoring_elements":"0.8853","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04066","scoring_system":"epss","scoring_elements":"0.88535","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04066","scoring_system":"epss","scoring_elements":"0.88547","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0811"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0811","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0811"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0811.json","reference_id":"CVE-2004-0811","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0811.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586667?format=json","purl":"pkg:deb/debian/apache2@2.0.52?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.52%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2004-0811"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-31wm-xbg1-c7ds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90298?format=json","vulnerability_id":"VCID-35pg-v3ae-8kct","summary":"The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-1138.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-1138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-1138","reference_id":"","reference_type":"","scores":[{"value":"0.05234","scoring_system":"epss","scoring_elements":"0.89922","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05234","scoring_system":"epss","scoring_elements":"0.89926","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05234","scoring_system":"epss","scoring_elements":"0.89938","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05234","scoring_system":"epss","scoring_elements":"0.89944","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05234","scoring_system":"epss","scoring_elements":"0.8996","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05234","scoring_system":"epss","scoring_elements":"0.89966","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05234","scoring_system":"epss","scoring_elements":"0.89974","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05234","scoring_system":"epss","scoring_elements":"0.89972","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05234","scoring_system":"epss","scoring_elements":"0.89965","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-1138"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/23296.txt","reference_id":"CVE-2003-1138;OSVDB-19137","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/23296.txt"},{"reference_url":"https://www.securityfocus.com/bid/8898/info","reference_id":"CVE-2003-1138;OSVDB-19137","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/8898/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2003-1138"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35pg-v3ae-8kct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3859?format=json","vulnerability_id":"VCID-3ay7-bwah-2yd1","summary":"HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response.\n\nThis vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP Server 2.4.59 did not address the issue.\n\nUsers are recommended to upgrade to version 2.4.64, which fixes this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42516.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-42516.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-42516","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.5352","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53546","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00337","scoring_system":"epss","scoring_elements":"0.56554","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00337","scoring_system":"epss","scoring_elements":"0.56587","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00337","scoring_system":"epss","scoring_elements":"0.56597","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00337","scoring_system":"epss","scoring_elements":"0.56573","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00337","scoring_system":"epss","scoring_elements":"0.56532","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00337","scoring_system":"epss","scoring_elements":"0.56583","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-42516"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42516","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42516"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374549","reference_id":"2374549","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374549"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-42516.json","reference_id":"CVE-2024-42516","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-42516.json"},{"reference_url":"https://usn.ubuntu.com/7639-1/","reference_id":"USN-7639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-1/"},{"reference_url":"https://usn.ubuntu.com/7639-2/","reference_id":"USN-7639-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584089?format=json","purl":"pkg:deb/debian/apache2@2.4.64-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.64-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584090?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584091?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-42516"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ay7-bwah-2yd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3799?format=json","vulnerability_id":"VCID-3djp-gq4c-1fa9","summary":"A limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malfomed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed. We have taken this opportunity to also remove request data from many other in-built error messages. Note however this issue did not affect them directly and their output was already escaped to prevent cross-site scripting attacks.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10092.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10092.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10092","reference_id":"","reference_type":"","scores":[{"value":"0.82379","scoring_system":"epss","scoring_elements":"0.99216","published_at":"2026-04-01T12:55:00Z"},{"value":"0.82379","scoring_system":"epss","scoring_elements":"0.99221","published_at":"2026-04-04T12:55:00Z"},{"value":"0.82379","scoring_system":"epss","scoring_elements":"0.99225","published_at":"2026-04-13T12:55:00Z"},{"value":"0.82379","scoring_system":"epss","scoring_elements":"0.99224","published_at":"2026-04-07T12:55:00Z"},{"value":"0.82379","scoring_system":"epss","scoring_elements":"0.99218","published_at":"2026-04-02T12:55:00Z"},{"value":"0.82379","scoring_system":"epss","scoring_elements":"0.99226","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/73768e31e0fcae03e12f5aa87da1cb26dece39327f3c32060baa3e94%40%3Cannounce.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0a83b112cd9701ef8a2061c8ed557f3dc9bb774d4da69fbb91bbc3c4%40%3Cusers.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/08/msg00034.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00034.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RVHJHTU4JN3ULCQ44F2G6LZBF2LGNTC/"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/47","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Aug/47"},{"reference_url":"https://seclists.org/bugtraq/2019/Oct/24","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Oct/24"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190905-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190905-0003/"},{"reference_url":"https://support.f5.com/csp/article/K30442259","reference_id":"","reference_type":"","scores":[],"url":"https://support.f5.com/csp/article/K30442259"},{"reference_url":"https://www.debian.org/security/2019/dsa-4509","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4509"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/08/15/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/08/15/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/08/08/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2020/08/08/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/08/08/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2020/08/08/9"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1743956","reference_id":"1743956","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1743956"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:secure_global_desktop:5.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collection:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:software_collection:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collection:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netapp:clustered_data_ontap:9.6:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p7:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:9.6:p8:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://0day.work/proof-of-concept-for-apache-httpd-limited-cross-site-scripting-in-mod_proxy-error-page-cve-2019-10092/","reference_id":"CVE-2019-10092","reference_type":"exploit","scores":[],"url":"https://0day.work/proof-of-concept-for-apache-httpd-limited-cross-site-scripting-in-mod_proxy-error-page-cve-2019-10092/"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47688.md","reference_id":"CVE-2019-10092","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47688.md"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-10092.json","reference_id":"CVE-2019-10092","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-10092.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10092","reference_id":"CVE-2019-10092","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10092"},{"reference_url":"https://security.gentoo.org/glsa/201909-04","reference_id":"GLSA-201909-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4126","reference_id":"RHSA-2019:4126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1336","reference_id":"RHSA-2020:1336","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1337","reference_id":"RHSA-2020:1337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4751","reference_id":"RHSA-2020:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4751"},{"reference_url":"https://usn.ubuntu.com/4113-1/","reference_id":"USN-4113-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4113-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585842?format=json","purl":"pkg:deb/debian/apache2@2.4.41-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.41-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-10092"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3djp-gq4c-1fa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3651?format=json","vulnerability_id":"VCID-3m9y-maes-5ycp","summary":"Apache does not filter terminal escape sequences from error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0020.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0020.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0020","reference_id":"","reference_type":"","scores":[{"value":"0.20267","scoring_system":"epss","scoring_elements":"0.95513","published_at":"2026-04-13T12:55:00Z"},{"value":"0.20267","scoring_system":"epss","scoring_elements":"0.95476","published_at":"2026-04-01T12:55:00Z"},{"value":"0.20267","scoring_system":"epss","scoring_elements":"0.95486","published_at":"2026-04-02T12:55:00Z"},{"value":"0.20267","scoring_system":"epss","scoring_elements":"0.95492","published_at":"2026-04-04T12:55:00Z"},{"value":"0.20267","scoring_system":"epss","scoring_elements":"0.95497","published_at":"2026-04-07T12:55:00Z"},{"value":"0.20267","scoring_system":"epss","scoring_elements":"0.95503","published_at":"2026-04-08T12:55:00Z"},{"value":"0.20267","scoring_system":"epss","scoring_elements":"0.95506","published_at":"2026-04-09T12:55:00Z"},{"value":"0.20267","scoring_system":"epss","scoring_elements":"0.9551","published_at":"2026-04-11T12:55:00Z"},{"value":"0.20267","scoring_system":"epss","scoring_elements":"0.95512","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0020"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0020","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0020"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616937","reference_id":"1616937","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616937"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2003-0020.json","reference_id":"CVE-2003-0020","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2003-0020.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:082","reference_id":"RHSA-2003:082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:083","reference_id":"RHSA-2003:083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:104","reference_id":"RHSA-2003:104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:104"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:139","reference_id":"RHSA-2003:139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:243","reference_id":"RHSA-2003:243","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:243"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:244","reference_id":"RHSA-2003:244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:244"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585514?format=json","purl":"pkg:deb/debian/apache2@2.0.49?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.49%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2003-0020"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3m9y-maes-5ycp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90446?format=json","vulnerability_id":"VCID-3se4-9vwa-1qbt","summary":"suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized operations on incorrect directories, as demonstrated using \"html_backup\" and \"htmleditor\" under an \"html\" directory.  NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\"","references":[{"reference_url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511","reference_id":"","reference_type":"","scores":[],"url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511"},{"reference_url":"http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2"},{"reference_url":"http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2"},{"reference_url":"http://osvdb.org/38640","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/38640"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1742.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1742.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1742","reference_id":"","reference_type":"","scores":[{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38457","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38421","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38559","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38583","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38446","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38497","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38506","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38521","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38483","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1742"},{"reference_url":"http://www.securitytracker.com/id?1017904","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1017904"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1742","reference_id":"CVE-2007-1742","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1742"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583308?format=json","purl":"pkg:deb/debian/apache2@2.2.8-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-1742"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3se4-9vwa-1qbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3676?format=json","vulnerability_id":"VCID-3wbg-bxvj-1kca","summary":"An issue has been discovered in the mod_ssl module when configured to use the \"SSLCipherSuite\" directive in directory or location context. If a particular location context has been configured to require a specific set of cipher suites, then a client will be able to access that location using any cipher suite allowed by the virtual host configuration.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0885.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0885","reference_id":"","reference_type":"","scores":[{"value":"0.06144","scoring_system":"epss","scoring_elements":"0.9082","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06144","scoring_system":"epss","scoring_elements":"0.90769","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06144","scoring_system":"epss","scoring_elements":"0.90775","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06144","scoring_system":"epss","scoring_elements":"0.90786","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06144","scoring_system":"epss","scoring_elements":"0.90796","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06144","scoring_system":"epss","scoring_elements":"0.90807","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06144","scoring_system":"epss","scoring_elements":"0.90814","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06144","scoring_system":"epss","scoring_elements":"0.90822","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0885"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430637","reference_id":"430637","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430637"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0885.json","reference_id":"CVE-2004-0885","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0885.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:562","reference_id":"RHSA-2004:562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:600","reference_id":"RHSA-2004:600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:600"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:653","reference_id":"RHSA-2004:653","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:653"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:816","reference_id":"RHSA-2005:816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585687?format=json","purl":"pkg:deb/debian/apache2@2.0.52-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.52-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2004-0885"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3wbg-bxvj-1kca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3759?format=json","vulnerability_id":"VCID-3wuk-hwg1-6fa6","summary":"A design error in the \"ap_some_auth_required\" function renders the API unusuable in httpd 2.4.x. In particular the API is documented to answering if the request required authentication but only answers if there are Require lines in the applicable configuration. Since 2.4.x Require lines are used for authorization as well and can appear in configurations even when no authentication is required and the request is entirely unrestricted. This could lead to modules using this API to allow access when they should otherwise not do so. API users should use the new ap_some_authn_required API added in 2.4.16 instead.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3185.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3185.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3185","reference_id":"","reference_type":"","scores":[{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92802","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92814","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92812","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92821","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92825","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09491","scoring_system":"epss","scoring_elements":"0.92829","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1243888","reference_id":"1243888","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1243888"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2015-3185.json","reference_id":"CVE-2015-3185","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2015-3185.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1666","reference_id":"RHSA-2015:1666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1666"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1667","reference_id":"RHSA-2015:1667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2708","reference_id":"RHSA-2017:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2709","reference_id":"RHSA-2017:2709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2710","reference_id":"RHSA-2017:2710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2710"},{"reference_url":"https://usn.ubuntu.com/2686-1/","reference_id":"USN-2686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2686-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585865?format=json","purl":"pkg:deb/debian/apache2@2.4.16-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.16-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2015-3185"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3wuk-hwg1-6fa6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3647?format=json","vulnerability_id":"VCID-3y3e-apkh-5qcq","summary":"In some cases warning messages could get returned to end users in addition to being recorded in the error log. This could reveal the path to a CGI script for example, a minor security exposure.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1592","reference_id":"","reference_type":"","scores":[{"value":"0.05522","scoring_system":"epss","scoring_elements":"0.90252","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05522","scoring_system":"epss","scoring_elements":"0.90259","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05522","scoring_system":"epss","scoring_elements":"0.90258","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05522","scoring_system":"epss","scoring_elements":"0.90208","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05522","scoring_system":"epss","scoring_elements":"0.90211","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05522","scoring_system":"epss","scoring_elements":"0.90224","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05522","scoring_system":"epss","scoring_elements":"0.90228","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05522","scoring_system":"epss","scoring_elements":"0.90244","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05522","scoring_system":"epss","scoring_elements":"0.9025","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1592"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1592","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1592"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.0","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/CHANGES_2.0"},{"reference_url":"http://www.iss.net/security_center/static/9623.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.iss.net/security_center/static/9623.php"},{"reference_url":"http://www.kb.cert.org/vuls/id/165803","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/165803"},{"reference_url":"http://www.securityfocus.com/bid/5256","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/5256"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2002-1592.json","reference_id":"CVE-2002-1592","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2002-1592.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2002-1592","reference_id":"CVE-2002-1592","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2002-1592"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585273?format=json","purl":"pkg:deb/debian/apache2@2.0.36?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.36%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2002-1592"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3y3e-apkh-5qcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3841?format=json","vulnerability_id":"VCID-4c3m-m6ku-kbhq","summary":"HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.\n\nSpecial characters in the origin response header can truncate/split the response forwarded to the client.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27522.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27522.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27522","reference_id":"","reference_type":"","scores":[{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.7369","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.73675","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.73699","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.73717","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.73696","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.73683","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.73651","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.73647","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/httpd/commit/d753ea76b5972a85349b68c31b59d04c60014f2d","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/httpd/commit/d753ea76b5972a85349b68c31b59d04c60014f2d"},{"reference_url":"https://github.com/unbit/uwsgi","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/unbit/uwsgi"},{"reference_url":"https://github.com/unbit/uwsgi/commit/58ee1df31fa9e9af106aaeabb82374c36b433822","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/unbit/uwsgi/commit/58ee1df31fa9e9af106aaeabb82374c36b433822"},{"reference_url":"https://github.com/unbit/uwsgi/commit/acb03530aaaeaa810f28a5b64da619525940f569","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/unbit/uwsgi/commit/acb03530aaaeaa810f28a5b64da619525940f569"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-23T16:41:55Z/"}],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-23T16:41:55Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00028.html"},{"reference_url":"https://security.gentoo.org/glsa/202309-01","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-23T16:41:55Z/"}],"url":"https://security.gentoo.org/glsa/202309-01"},{"reference_url":"https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.22.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.22.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032476","reference_id":"1032476","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032476"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2176211","reference_id":"2176211","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2176211"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2023-27522.json","reference_id":"CVE-2023-27522","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2023-27522.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27522","reference_id":"CVE-2023-27522","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-27522"},{"reference_url":"https://github.com/advisories/GHSA-vcph-37mh-fqrh","reference_id":"GHSA-vcph-37mh-fqrh","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vcph-37mh-fqrh"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4628","reference_id":"RHSA-2023:4628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4629","reference_id":"RHSA-2023:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5049","reference_id":"RHSA-2023:5049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5050","reference_id":"RHSA-2023:5050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6403","reference_id":"RHSA-2023:6403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4504","reference_id":"RHSA-2024:4504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4504"},{"reference_url":"https://usn.ubuntu.com/5942-1/","reference_id":"USN-5942-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5942-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582332?format=json","purl":"pkg:deb/debian/apache2@2.4.56-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.56-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585553?format=json","purl":"pkg:deb/debian/apache2@2.4.56-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.56-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2023-27522","GHSA-vcph-37mh-fqrh"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4c3m-m6ku-kbhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3833?format=json","vulnerability_id":"VCID-4d3t-es7p-9qhn","summary":"Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer.  While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28615.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28615.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28615","reference_id":"","reference_type":"","scores":[{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78149","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78114","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78131","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78101","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78153","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78171","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78146","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.7814","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513","reference_id":"1012513","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095006","reference_id":"2095006","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095006"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/","reference_id":"7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/06/08/9","reference_id":"9","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/06/08/9"},{"reference_url":"https://security.archlinux.org/AVG-2763","reference_id":"AVG-2763","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2763"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-28615.json","reference_id":"CVE-2022-28615","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2022-28615.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/"}],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220624-0005/","reference_id":"ntap-20220624-0005","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220624-0005/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7647","reference_id":"RHSA-2022:7647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8067","reference_id":"RHSA-2022:8067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://usn.ubuntu.com/5487-1/","reference_id":"USN-5487-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-1/"},{"reference_url":"https://usn.ubuntu.com/5487-3/","reference_id":"USN-5487-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/","reference_id":"YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:26:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583306?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583307?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-28615"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4d3t-es7p-9qhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3858?format=json","vulnerability_id":"VCID-4jfa-3r1g-m7h8","summary":"SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests.\n\nUsers are recommended to upgrade to version 2.4.62 which fixes this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40898.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40898.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-40898","reference_id":"","reference_type":"","scores":[{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67936","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.6796","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67984","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67971","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67897","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67915","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67895","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00549","scoring_system":"epss","scoring_elements":"0.67946","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-40898"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298648","reference_id":"2298648","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298648"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-40898.json","reference_id":"CVE-2024-40898","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-40898.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6928","reference_id":"RHSA-2024:6928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6928"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-40898"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4jfa-3r1g-m7h8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54339?format=json","vulnerability_id":"VCID-4mqa-bkha-kbaj","summary":"security update","references":[{"reference_url":"http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/","reference_id":"","reference_type":"","scores":[],"url":"http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/"},{"reference_url":"http://code.google.com/p/chromium/issues/detail?id=139744","reference_id":"","reference_type":"","scores":[],"url":"http://code.google.com/p/chromium/issues/detail?id=139744"},{"reference_url":"http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html","reference_id":"","reference_type":"","scores":[],"url":"http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html"},{"reference_url":"http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html","reference_id":"","reference_type":"","scores":[],"url":"http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html"},{"reference_url":"http://jvn.jp/en/jp/JVN65273415/index.html","reference_id":"","reference_type":"","scores":[],"url":"http://jvn.jp/en/jp/JVN65273415/index.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2"},{"reference_url":"http://news.ycombinator.com/item?id=4510829","reference_id":"","reference_type":"","scores":[],"url":"http://news.ycombinator.com/item?id=4510829"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0587.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0587.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4929","reference_id":"","reference_type":"","scores":[{"value":"0.13867","scoring_system":"epss","scoring_elements":"0.94298","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13867","scoring_system":"epss","scoring_elements":"0.94297","published_at":"2026-04-12T12:55:00Z"},{"value":"0.15291","scoring_system":"epss","scoring_elements":"0.94599","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15291","scoring_system":"epss","scoring_elements":"0.94585","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15291","scoring_system":"epss","scoring_elements":"0.94611","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15291","scoring_system":"epss","scoring_elements":"0.94615","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15291","scoring_system":"epss","scoring_elements":"0.94601","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15291","scoring_system":"epss","scoring_elements":"0.94592","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4929"},{"reference_url":"https://chromiumcodereview.appspot.com/10825183","reference_id":"","reference_type":"","scores":[],"url":"https://chromiumcodereview.appspot.com/10825183"},{"reference_url":"https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls","reference_id":"","reference_type":"","scores":[],"url":"https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566"},{"reference_url":"http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor","reference_id":"","reference_type":"","scores":[],"url":"http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor"},{"reference_url":"https://gist.github.com/3696912","reference_id":"","reference_type":"","scores":[],"url":"https://gist.github.com/3696912"},{"reference_url":"https://github.com/mpgn/CRIME-poc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpgn/CRIME-poc"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920"},{"reference_url":"https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212","reference_id":"","reference_type":"","scores":[],"url":"https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212"},{"reference_url":"http://support.apple.com/kb/HT5784","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT5784"},{"reference_url":"http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312","reference_id":"","reference_type":"","scores":[],"url":"http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312"},{"reference_url":"http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512","reference_id":"","reference_type":"","scores":[],"url":"http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512"},{"reference_url":"http://www.debian.org/security/2012/dsa-2579","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2012/dsa-2579"},{"reference_url":"http://www.debian.org/security/2013/dsa-2627","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2013/dsa-2627"},{"reference_url":"http://www.debian.org/security/2015/dsa-3253","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3253"},{"reference_url":"http://www.ekoparty.org/2012/thai-duong.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.ekoparty.org/2012/thai-duong.php"},{"reference_url":"http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091","reference_id":"","reference_type":"","scores":[],"url":"http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091"},{"reference_url":"http://www.securityfocus.com/bid/55704","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/55704"},{"reference_url":"http://www.theregister.co.uk/2012/09/14/crime_tls_attack/","reference_id":"","reference_type":"","scores":[],"url":"http://www.theregister.co.uk/2012/09/14/crime_tls_attack/"},{"reference_url":"http://www.ubuntu.com/usn/USN-1627-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1627-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-1628-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1628-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-1898-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1898-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936","reference_id":"689936","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399","reference_id":"700399","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426","reference_id":"700426","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197","reference_id":"727197","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055","reference_id":"728055","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=857051","reference_id":"857051","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=857051"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4929","reference_id":"CVE-2012-4929","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4929"},{"reference_url":"https://security.gentoo.org/glsa/201309-12","reference_id":"GLSA-201309-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0587","reference_id":"RHSA-2013:0587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0636","reference_id":"RHSA-2013:0636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0636"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0416","reference_id":"RHSA-2014:0416","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0416"},{"reference_url":"https://usn.ubuntu.com/1627-1/","reference_id":"USN-1627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1627-1/"},{"reference_url":"https://usn.ubuntu.com/1628-1/","reference_id":"USN-1628-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1628-1/"},{"reference_url":"https://usn.ubuntu.com/1898-1/","reference_id":"USN-1898-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1898-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586421?format=json","purl":"pkg:deb/debian/apache2@2.2.22-12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2012-4929"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4mqa-bkha-kbaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3790?format=json","vulnerability_id":"VCID-4sss-a8ne-kqbc","summary":"When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. A server that never enabled the h2 protocol or that only enabled it for https: and did not configure the \"H2Upgrade on\" is unaffected by this.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0197.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0197.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0197","reference_id":"","reference_type":"","scores":[{"value":"0.02193","scoring_system":"epss","scoring_elements":"0.84326","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02193","scoring_system":"epss","scoring_elements":"0.84397","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02193","scoring_system":"epss","scoring_elements":"0.84408","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02193","scoring_system":"epss","scoring_elements":"0.84401","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02193","scoring_system":"epss","scoring_elements":"0.8434","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02193","scoring_system":"epss","scoring_elements":"0.84361","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02193","scoring_system":"epss","scoring_elements":"0.84363","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02193","scoring_system":"epss","scoring_elements":"0.84385","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02193","scoring_system":"epss","scoring_elements":"0.8439","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0197"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695042","reference_id":"1695042","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695042"},{"reference_url":"https://security.archlinux.org/ASA-201904-3","reference_id":"ASA-201904-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-3"},{"reference_url":"https://security.archlinux.org/AVG-946","reference_id":"AVG-946","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-946"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-0197.json","reference_id":"CVE-2019-0197","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-0197.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3932","reference_id":"RHSA-2019:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3933","reference_id":"RHSA-2019:3933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3935","reference_id":"RHSA-2019:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2644","reference_id":"RHSA-2020:2644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2646","reference_id":"RHSA-2020:2646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4751","reference_id":"RHSA-2020:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4751"},{"reference_url":"https://usn.ubuntu.com/4113-1/","reference_id":"USN-4113-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4113-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582611?format=json","purl":"pkg:deb/debian/apache2@2.4.38-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-0197"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4sss-a8ne-kqbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3732?format=json","vulnerability_id":"VCID-53da-z9gn-n7f2","summary":"A flaw was found in mod_log_config. If the '%{cookiename}C' log format string is in use, a remote attacker could send a specific cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0021.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0021.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0021","reference_id":"","reference_type":"","scores":[{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.9689","published_at":"2026-04-13T12:55:00Z"},{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.96858","published_at":"2026-04-01T12:55:00Z"},{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.96866","published_at":"2026-04-02T12:55:00Z"},{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.96871","published_at":"2026-04-04T12:55:00Z"},{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.96875","published_at":"2026-04-07T12:55:00Z"},{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.96884","published_at":"2026-04-08T12:55:00Z"},{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.96885","published_at":"2026-04-09T12:55:00Z"},{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.96888","published_at":"2026-04-11T12:55:00Z"},{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.96889","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=785065","reference_id":"785065","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=785065"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-0021.json","reference_id":"CVE-2012-0021","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-0021.json"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584769?format=json","purl":"pkg:deb/debian/apache2@2.2.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2012-0021"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-53da-z9gn-n7f2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3722?format=json","vulnerability_id":"VCID-56kt-8bg6-zbcj","summary":"A flaw was found in the handling of requests by mod_cache (2.2) and mod_dav (2.0 and 2.2). A malicious remote attacker could send a carefully crafted request and cause a httpd child process to crash. This crash would only be a denial of service if using the worker MPM. This issue is further mitigated as mod_dav is only affected by requests that are most likely to be authenticated, and mod_cache is only affected if the uncommon \"CacheIgnoreURLSessionIdentifiers\" directive, introduced in version 2.2.14, is used.","references":[{"reference_url":"http://blogs.sun.com/security/entry/cve_2010_1452_mod_dav","reference_id":"","reference_type":"","scores":[],"url":"http://blogs.sun.com/security/entry/cve_2010_1452_mod_dav"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00008.html"},{"reference_url":"http://marc.info/?l=apache-announce&m=128009718610929&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=apache-announce&m=128009718610929&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=129190899612998&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=129190899612998&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=133355494609819&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=133355494609819&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1452","reference_id":"","reference_type":"","scores":[{"value":"0.13871","scoring_system":"epss","scoring_elements":"0.94299","published_at":"2026-04-12T12:55:00Z"},{"value":"0.13871","scoring_system":"epss","scoring_elements":"0.943","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.94674","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.94678","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.9469","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.94694","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.94698","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.9468","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15663","scoring_system":"epss","scoring_elements":"0.94666","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1452"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452"},{"reference_url":"http://secunia.com/advisories/42367","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42367"},{"reference_url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=49246","reference_id":"","reference_type":"","scores":[],"url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=49246"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.467395","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.467395"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11683","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11683"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12341","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12341"},{"reference_url":"http://support.apple.com/kb/HT4581","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT4581"},{"reference_url":"http://ubuntu.com/usn/usn-1021-1","reference_id":"","reference_type":"","scores":[],"url":"http://ubuntu.com/usn/usn-1021-1"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0659.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2010-0659.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0897.html"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2218","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/2218"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3064","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3064"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0291","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0291"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=618189","reference_id":"618189","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=618189"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-1452.json","reference_id":"CVE-2010-1452","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-1452.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1452","reference_id":"CVE-2010-1452","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1452"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0659","reference_id":"RHSA-2010:0659","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0659"},{"reference_url":"https://usn.ubuntu.com/1021-1/","reference_id":"USN-1021-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1021-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/587010?format=json","purl":"pkg:deb/debian/apache2@2.2.16-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.16-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2010-1452"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-56kt-8bg6-zbcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3775?format=json","vulnerability_id":"VCID-5bej-9h7w-33c8","summary":"When an unrecognized HTTP Method is given in an <Limit {method}> directive in an .htaccess file, and that .htaccess file is processed by the corresponding request, the global methods table is corrupted in the current worker process, resulting in erratic behaviour. This behavior may be avoided by listing all unusual HTTP Methods in a global httpd.conf RegisterHttpMethod directive in httpd release 2.4.25 and later. To permit other .htaccess directives while denying the <Limit > directive, see the AllowOverrideList directive. Source code patch (2.4) is at; CVE-2017-9798-patch-2.4.patch Source code patch (2.2) is at; CVE-2017-9798-patch-2.2.patch Note 2.2 is end-of-life, no further release with this fix is planned. Users are encouraged to migrate to 2.4.28 or later for this and other fixes.","references":[{"reference_url":"http://openwall.com/lists/oss-security/2017/09/18/2","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2017/09/18/2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3113","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3114","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3114"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9798","reference_id":"","reference_type":"","scores":[{"value":"0.9384","scoring_system":"epss","scoring_elements":"0.99862","published_at":"2026-04-01T12:55:00Z"},{"value":"0.9384","scoring_system":"epss","scoring_elements":"0.99865","published_at":"2026-04-13T12:55:00Z"},{"value":"0.9384","scoring_system":"epss","scoring_elements":"0.99864","published_at":"2026-04-12T12:55:00Z"},{"value":"0.9384","scoring_system":"epss","scoring_elements":"0.99863","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9798"},{"reference_url":"https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html","reference_id":"","reference_type":"","scores":[],"url":"https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"},{"reference_url":"https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch","reference_id":"","reference_type":"","scores":[],"url":"https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Sep/22","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2024/Sep/22"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/httpd/commit/4cc27823899e070268b906ca677ee838d07cf67a"},{"reference_url":"https://github.com/hannob/optionsbleed","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/hannob/optionsbleed"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2017-9798"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180601-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20180601-0003/"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2017-9798","reference_id":"","reference_type":"","scores":[],"url":"https://security-tracker.debian.org/tracker/CVE-2017-9798"},{"reference_url":"https://support.apple.com/HT208331","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT208331"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us"},{"reference_url":"https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch","reference_id":"","reference_type":"","scores":[],"url":"https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch"},{"reference_url":"https://www.exploit-db.com/exploits/42745/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42745/"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"reference_url":"https://www.tenable.com/security/tns-2019-09","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2019-09"},{"reference_url":"http://www.debian.org/security/2017/dsa-3980","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3980"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"},{"reference_url":"http://www.securityfocus.com/bid/100872","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100872"},{"reference_url":"http://www.securityfocus.com/bid/105598","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/105598"},{"reference_url":"http://www.securitytracker.com/id/1039387","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039387"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1490344","reference_id":"1490344","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1490344"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109","reference_id":"876109","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109"},{"reference_url":"https://security.archlinux.org/ASA-201709-15","reference_id":"ASA-201709-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201709-15"},{"reference_url":"https://security.archlinux.org/AVG-404","reference_id":"AVG-404","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-404"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-9798.json","reference_id":"CVE-2017-9798","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-9798.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9798","reference_id":"CVE-2017-9798","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9798"},{"reference_url":"https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed","reference_id":"CVE-2017-9798;OPTIONSBLEED","reference_type":"exploit","scores":[],"url":"https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py","reference_id":"CVE-2017-9798;OPTIONSBLEED","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2882","reference_id":"RHSA-2017:2882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2972","reference_id":"RHSA-2017:2972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3018","reference_id":"RHSA-2017:3018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3239","reference_id":"RHSA-2017:3239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3240","reference_id":"RHSA-2017:3240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3475","reference_id":"RHSA-2017:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3476","reference_id":"RHSA-2017:3476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3477","reference_id":"RHSA-2017:3477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3477"},{"reference_url":"https://usn.ubuntu.com/3425-1/","reference_id":"USN-3425-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3425-1/"},{"reference_url":"https://usn.ubuntu.com/3425-2/","reference_id":"USN-3425-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3425-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585328?format=json","purl":"pkg:deb/debian/apache2@2.4.27-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.27-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2017-9798"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5bej-9h7w-33c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3744?format=json","vulnerability_id":"VCID-5crp-xumw-v7gb","summary":"A NULL pointer dereference was found in mod_cache. A malicious HTTP server could cause a crash in a caching forward proxy configuration. (Note that this vulnerability was fixed in the 2.4.7 release, but the security impact was not disclosed at the time of the release.)","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4352.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4352.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4352","reference_id":"","reference_type":"","scores":[{"value":"0.24352","scoring_system":"epss","scoring_elements":"0.96101","published_at":"2026-04-13T12:55:00Z"},{"value":"0.24352","scoring_system":"epss","scoring_elements":"0.96062","published_at":"2026-04-01T12:55:00Z"},{"value":"0.24352","scoring_system":"epss","scoring_elements":"0.96095","published_at":"2026-04-09T12:55:00Z"},{"value":"0.24352","scoring_system":"epss","scoring_elements":"0.96098","published_at":"2026-04-12T12:55:00Z"},{"value":"0.24352","scoring_system":"epss","scoring_elements":"0.9607","published_at":"2026-04-02T12:55:00Z"},{"value":"0.24352","scoring_system":"epss","scoring_elements":"0.96077","published_at":"2026-04-04T12:55:00Z"},{"value":"0.24352","scoring_system":"epss","scoring_elements":"0.96082","published_at":"2026-04-07T12:55:00Z"},{"value":"0.24352","scoring_system":"epss","scoring_elements":"0.96092","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4352"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c?r1=1491564&r2=1523235&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/cache_storage.c?r1=1491564&r2=1523235&diff_format=h"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120604","reference_id":"1120604","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120604"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-4352.json","reference_id":"CVE-2013-4352","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-4352.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4352","reference_id":"CVE-2013-4352","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0921","reference_id":"RHSA-2014:0921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0922","reference_id":"RHSA-2014:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0922"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583414?format=json","purl":"pkg:deb/debian/apache2@2.4.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2013-4352"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5crp-xumw-v7gb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3743?format=json","vulnerability_id":"VCID-5qkp-3w54-j3a5","summary":"A flaw in mod_session_dbd caused it to proceed with save operations for a session without considering the dirty flag and the requirement for a new session ID.","references":[{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698","reference_id":"","reference_type":"","scores":[],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2249.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2249.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2249","reference_id":"","reference_type":"","scores":[{"value":"0.43661","scoring_system":"epss","scoring_elements":"0.97523","published_at":"2026-04-13T12:55:00Z"},{"value":"0.43661","scoring_system":"epss","scoring_elements":"0.97498","published_at":"2026-04-01T12:55:00Z"},{"value":"0.43661","scoring_system":"epss","scoring_elements":"0.9752","published_at":"2026-04-11T12:55:00Z"},{"value":"0.43661","scoring_system":"epss","scoring_elements":"0.97522","published_at":"2026-04-12T12:55:00Z"},{"value":"0.43661","scoring_system":"epss","scoring_elements":"0.97505","published_at":"2026-04-02T12:55:00Z"},{"value":"0.43661","scoring_system":"epss","scoring_elements":"0.97508","published_at":"2026-04-04T12:55:00Z"},{"value":"0.43661","scoring_system":"epss","scoring_elements":"0.9751","published_at":"2026-04-07T12:55:00Z"},{"value":"0.43661","scoring_system":"epss","scoring_elements":"0.97515","published_at":"2026-04-08T12:55:00Z"},{"value":"0.43661","scoring_system":"epss","scoring_elements":"0.97517","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2249"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2249","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2249"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session_dbd.c?r1=1409170&r2=1488158&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session_dbd.c?r1=1409170&r2=1488158&diff_format=h"},{"reference_url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-2249","reference_id":"","reference_type":"","scores":[],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-2249"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.4.6","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/CHANGES_2.4.6"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=987543","reference_id":"987543","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=987543"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-2249.json","reference_id":"CVE-2013-2249","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-2249.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-2249","reference_id":"CVE-2013-2249","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-2249"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582800?format=json","purl":"pkg:deb/debian/apache2@2.4.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2013-2249"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5qkp-3w54-j3a5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3803?format=json","vulnerability_id":"VCID-5xrt-1n1q-4bey","summary":"In Apache HTTP Server versions 2.4.0 to 2.4.41 some mod_rewrite configurations vulnerable to open redirect.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1927.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1927.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1927","reference_id":"","reference_type":"","scores":[{"value":"0.11302","scoring_system":"epss","scoring_elements":"0.93495","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11302","scoring_system":"epss","scoring_elements":"0.93527","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11302","scoring_system":"epss","scoring_elements":"0.93511","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11302","scoring_system":"epss","scoring_elements":"0.93519","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11302","scoring_system":"epss","scoring_elements":"0.93522","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11302","scoring_system":"epss","scoring_elements":"0.93528","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11302","scoring_system":"epss","scoring_elements":"0.93504","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r6a4146bf3d1645af2880f8b7a4fd8afd696d5fd4a3ae272f49f5dc84%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r731d43caece41d78d8c6304641a02a369fd78300e7ffaf566b06bc59%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200413-0002/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200413-0002/"},{"reference_url":"https://www.debian.org/security/2020/dsa-4757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2020/dsa-4757"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/04/03/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2020/04/03/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/04/04/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2020/04/04/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1820761","reference_id":"1820761","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1820761"},{"reference_url":"https://security.archlinux.org/ASA-202004-14","reference_id":"ASA-202004-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-14"},{"reference_url":"https://security.archlinux.org/AVG-1126","reference_id":"AVG-1126","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1126"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sd-wan_aware:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:sd-wan_aware:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sd-wan_aware:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:broadcom:brocade_fabric_operating_system:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2020-1927.json","reference_id":"CVE-2020-1927","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2020-1927.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1927","reference_id":"CVE-2020-1927","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1336","reference_id":"RHSA-2020:1336","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1337","reference_id":"RHSA-2020:1337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2263","reference_id":"RHSA-2020:2263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3958","reference_id":"RHSA-2020:3958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4751","reference_id":"RHSA-2020:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4751"},{"reference_url":"https://usn.ubuntu.com/4458-1/","reference_id":"USN-4458-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4458-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585106?format=json","purl":"pkg:deb/debian/apache2@2.4.43-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.43-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2020-1927"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5xrt-1n1q-4bey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3730?format=json","vulnerability_id":"VCID-5yez-d5nj-q7eq","summary":"An integer overflow flaw was found which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3607","reference_id":"","reference_type":"","scores":[{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47455","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47395","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47429","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.4745","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47399","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47454","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47473","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47448","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3607"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=769844","reference_id":"769844","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=769844"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3607.json","reference_id":"CVE-2011-3607","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3607.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt","reference_id":"CVE-2011-4415;CVE-2011-3607","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt"},{"reference_url":"http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/","reference_id":"CVE-2011-4415;CVE-2011-3607","reference_type":"exploit","scores":[],"url":"http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0323","reference_id":"RHSA-2012:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586871?format=json","purl":"pkg:deb/debian/apache2@2.2.21-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.21-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2011-3607"],"risk_score":4.2,"exploitability":"2.0","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5yez-d5nj-q7eq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90283?format=json","vulnerability_id":"VCID-616c-9x7y-5bby","summary":"mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1850.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1850.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1850","reference_id":"","reference_type":"","scores":[{"value":"0.02915","scoring_system":"epss","scoring_elements":"0.86315","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02915","scoring_system":"epss","scoring_elements":"0.86326","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02915","scoring_system":"epss","scoring_elements":"0.86344","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02915","scoring_system":"epss","scoring_elements":"0.86345","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02915","scoring_system":"epss","scoring_elements":"0.86363","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02915","scoring_system":"epss","scoring_elements":"0.86373","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02915","scoring_system":"epss","scoring_elements":"0.86387","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02915","scoring_system":"epss","scoring_elements":"0.86385","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02915","scoring_system":"epss","scoring_elements":"0.8638","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1850"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1850","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1850"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/21854.c","reference_id":"CVE-2002-1850;OSVDB-2613","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/21854.c"},{"reference_url":"https://www.securityfocus.com/bid/5787/info","reference_id":"CVE-2002-1850;OSVDB-2613","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/5787/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586958?format=json","purl":"pkg:deb/debian/apache2@2.0.42-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.42-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2002-1850"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-616c-9x7y-5bby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3811?format=json","vulnerability_id":"VCID-66k7-maf9-dfcd","summary":"Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35452.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35452.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35452","reference_id":"","reference_type":"","scores":[{"value":"0.10695","scoring_system":"epss","scoring_elements":"0.93289","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10695","scoring_system":"epss","scoring_elements":"0.93319","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10695","scoring_system":"epss","scoring_elements":"0.93315","published_at":"2026-04-09T12:55:00Z"},{"value":"0.10695","scoring_system":"epss","scoring_elements":"0.9332","published_at":"2026-04-11T12:55:00Z"},{"value":"0.10695","scoring_system":"epss","scoring_elements":"0.93318","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10695","scoring_system":"epss","scoring_elements":"0.93297","published_at":"2026-04-02T12:55:00Z"},{"value":"0.10695","scoring_system":"epss","scoring_elements":"0.93303","published_at":"2026-04-04T12:55:00Z"},{"value":"0.10695","scoring_system":"epss","scoring_elements":"0.93302","published_at":"2026-04-07T12:55:00Z"},{"value":"0.10695","scoring_system":"epss","scoring_elements":"0.93311","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35452"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966724","reference_id":"1966724","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966724"},{"reference_url":"https://security.archlinux.org/AVG-2053","reference_id":"AVG-2053","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2053"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2020-35452.json","reference_id":"CVE-2020-35452","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2020-35452.json"},{"reference_url":"https://security.gentoo.org/glsa/202107-38","reference_id":"GLSA-202107-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-38"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4613","reference_id":"RHSA-2021:4613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4614","reference_id":"RHSA-2021:4614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1915","reference_id":"RHSA-2022:1915","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1915"},{"reference_url":"https://usn.ubuntu.com/4994-1/","reference_id":"USN-4994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4994-1/"},{"reference_url":"https://usn.ubuntu.com/4994-2/","reference_id":"USN-4994-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4994-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585157?format=json","purl":"pkg:deb/debian/apache2@2.4.46-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.46-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2020-35452"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-66k7-maf9-dfcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3692?format=json","vulnerability_id":"VCID-699n-tvdd-qkgj","summary":"The recall_headers function in mod_mem_cache in Apache 2.2.4 did not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information.","references":[{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=186219","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=186219"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html"},{"reference_url":"http://issues.apache.org/bugzilla/show_bug.cgi?id=41551","reference_id":"","reference_type":"","scores":[],"url":"http://issues.apache.org/bugzilla/show_bug.cgi?id=41551"},{"reference_url":"http://osvdb.org/38641","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/38641"},{"reference_url":"http://people.apache.org/~covener/2.2.x-mod_memcache-poolmgmt.diff","reference_id":"","reference_type":"","scores":[],"url":"http://people.apache.org/~covener/2.2.x-mod_memcache-poolmgmt.diff"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1862.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1862.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1862","reference_id":"","reference_type":"","scores":[{"value":"0.10659","scoring_system":"epss","scoring_elements":"0.93305","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10659","scoring_system":"epss","scoring_elements":"0.93276","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10659","scoring_system":"epss","scoring_elements":"0.93306","published_at":"2026-04-11T12:55:00Z"},{"value":"0.10659","scoring_system":"epss","scoring_elements":"0.93304","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10659","scoring_system":"epss","scoring_elements":"0.93284","published_at":"2026-04-02T12:55:00Z"},{"value":"0.10659","scoring_system":"epss","scoring_elements":"0.9329","published_at":"2026-04-04T12:55:00Z"},{"value":"0.10659","scoring_system":"epss","scoring_elements":"0.93289","published_at":"2026-04-07T12:55:00Z"},{"value":"0.10659","scoring_system":"epss","scoring_elements":"0.93297","published_at":"2026-04-08T12:55:00Z"},{"value":"0.10659","scoring_system":"epss","scoring_elements":"0.93302","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1862"},{"reference_url":"http://secunia.com/advisories/26273","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26273"},{"reference_url":"http://secunia.com/advisories/26842","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26842"},{"reference_url":"http://secunia.com/advisories/27563","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/27563"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200711-06.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200711-06.xml"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:127","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:127"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"},{"reference_url":"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html"},{"reference_url":"http://www.securityfocus.com/bid/24553","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/24553"},{"reference_url":"http://www.vupen.com/english/advisories/2007/2231","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/2231"},{"reference_url":"http://www.vupen.com/english/advisories/2007/2727","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/2727"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=242606","reference_id":"242606","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=242606"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-1862.json","reference_id":"CVE-2007-1862","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-1862.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1862","reference_id":"CVE-2007-1862","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1862"},{"reference_url":"https://security.gentoo.org/glsa/200711-06","reference_id":"GLSA-200711-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-1862"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-699n-tvdd-qkgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3815?format=json","vulnerability_id":"VCID-6b7y-562y-suce","summary":"Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected.\n\nThis rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a a footer. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server.\n\nThis issue affected  mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 only. Apache HTTP Server 2.4.47 was never released.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31618.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31618.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31618","reference_id":"","reference_type":"","scores":[{"value":"0.11001","scoring_system":"epss","scoring_elements":"0.93424","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11001","scoring_system":"epss","scoring_elements":"0.934","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11001","scoring_system":"epss","scoring_elements":"0.93416","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11001","scoring_system":"epss","scoring_elements":"0.93392","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11001","scoring_system":"epss","scoring_elements":"0.93408","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11001","scoring_system":"epss","scoring_elements":"0.93425","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11001","scoring_system":"epss","scoring_elements":"0.93419","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1968013","reference_id":"1968013","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1968013"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/13/2","reference_id":"2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/03/13/2"},{"reference_url":"https://seclists.org/oss-sec/2021/q2/206","reference_id":"206","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/"}],"url":"https://seclists.org/oss-sec/2021/q2/206"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NKJ3ZA3FTSZ2QBBPKS6BYGAWYRABNQQ/","reference_id":"2NKJ3ZA3FTSZ2QBBPKS6BYGAWYRABNQQ","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NKJ3ZA3FTSZ2QBBPKS6BYGAWYRABNQQ/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/06/10/9","reference_id":"9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/06/10/9"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989562","reference_id":"989562","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989562"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A73QJ4HPUMU26I6EULG6SCK67TUEXZYR/","reference_id":"A73QJ4HPUMU26I6EULG6SCK67TUEXZYR","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A73QJ4HPUMU26I6EULG6SCK67TUEXZYR/"},{"reference_url":"https://security.archlinux.org/ASA-202106-23","reference_id":"ASA-202106-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-23"},{"reference_url":"https://security.archlinux.org/AVG-2041","reference_id":"AVG-2041","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2041"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-31618.json","reference_id":"CVE-2021-31618","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-31618.json"},{"reference_url":"https://www.debian.org/security/2021/dsa-4937","reference_id":"dsa-4937","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/"}],"url":"https://www.debian.org/security/2021/dsa-4937"},{"reference_url":"https://security.gentoo.org/glsa/202107-38","reference_id":"GLSA-202107-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/"}],"url":"https://security.gentoo.org/glsa/202107-38"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210727-0008/","reference_id":"ntap-20210727-0008","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210727-0008/"},{"reference_url":"https://lists.apache.org/thread.html/r14b66ef0f4f569fd515a3f96cd4eb58bd9a8ff525cc326bb0359664f%40%3Ccvs.httpd.apache.org%3E","reference_id":"r14b66ef0f4f569fd515a3f96cd4eb58bd9a8ff525cc326bb0359664f%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/"}],"url":"https://lists.apache.org/thread.html/r14b66ef0f4f569fd515a3f96cd4eb58bd9a8ff525cc326bb0359664f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r783b6558abf3305b17ea462bed4bd66d82866438999bf38cef6d11d1%40%3Ccvs.httpd.apache.org%3E","reference_id":"r783b6558abf3305b17ea462bed4bd66d82866438999bf38cef6d11d1%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-20T16:18:33Z/"}],"url":"https://lists.apache.org/thread.html/r783b6558abf3305b17ea462bed4bd66d82866438999bf38cef6d11d1%40%3Ccvs.httpd.apache.org%3E"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586967?format=json","purl":"pkg:deb/debian/apache2@2.4.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-31618"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6b7y-562y-suce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3736?format=json","vulnerability_id":"VCID-6bez-sgg8-cbbq","summary":"Possible XSS for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled. Note: This issue is also known as CVE-2008-0455.","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"},{"reference_url":"http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E"},{"reference_url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-1591.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2012-1591.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-1592.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2012-1592.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-1594.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2012-1594.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0130.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0130.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2687.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2687.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2687","reference_id":"","reference_type":"","scores":[{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92237","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92204","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.9224","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92241","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92211","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92217","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.9222","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92231","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92234","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687"},{"reference_url":"http://secunia.com/advisories/50894","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/50894"},{"reference_url":"http://secunia.com/advisories/51607","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51607"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18832","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18832"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19539","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19539"},{"reference_url":"http://support.apple.com/kb/HT5880","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT5880"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.4.3","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/CHANGES_2.4.3"},{"reference_url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"},{"reference_url":"http://www.securityfocus.com/bid/55131","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/55131"},{"reference_url":"http://www.ubuntu.com/usn/USN-1627-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1627-1"},{"reference_url":"http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf","reference_id":"","reference_type":"","scores":[],"url":"http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=850794","reference_id":"850794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=850794"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-2687.json","reference_id":"CVE-2012-2687","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-2687.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2687","reference_id":"CVE-2012-2687","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1591","reference_id":"RHSA-2012:1591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1592","reference_id":"RHSA-2012:1592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1594","reference_id":"RHSA-2012:1594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0130","reference_id":"RHSA-2013:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0512","reference_id":"RHSA-2013:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0512"},{"reference_url":"https://usn.ubuntu.com/1627-1/","reference_id":"USN-1627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1627-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584580?format=json","purl":"pkg:deb/debian/apache2@2.2.22-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2012-2687"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6bez-sgg8-cbbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3715?format=json","vulnerability_id":"VCID-6d43-sjqw-tbbp","summary":"A flaw was found in the mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3095","reference_id":"","reference_type":"","scores":[{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86669","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86606","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86617","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86637","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86636","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86655","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86665","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86678","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03037","scoring_system":"epss","scoring_elements":"0.86676","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3095"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=522209","reference_id":"522209","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=522209"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951","reference_id":"545951","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-3095.json","reference_id":"CVE-2009-3095","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-3095.json"},{"reference_url":"https://usn.ubuntu.com/860-1/","reference_id":"USN-860-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/860-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585010?format=json","purl":"pkg:deb/debian/apache2@2.2.13-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.13-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2009-3095"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6d43-sjqw-tbbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3746?format=json","vulnerability_id":"VCID-6pzx-1e5t-xbes","summary":"XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provider is mod_dav_svn.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6438","reference_id":"","reference_type":"","scores":[{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96681","published_at":"2026-04-13T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96648","published_at":"2026-04-01T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96657","published_at":"2026-04-02T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96663","published_at":"2026-04-04T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96666","published_at":"2026-04-07T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96674","published_at":"2026-04-08T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96676","published_at":"2026-04-09T12:55:00Z"},{"value":"0.30247","scoring_system":"epss","scoring_elements":"0.96678","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077867","reference_id":"1077867","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077867"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-6438.json","reference_id":"CVE-2013-6438","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-6438.json"},{"reference_url":"https://security.gentoo.org/glsa/201408-12","reference_id":"GLSA-201408-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0369","reference_id":"RHSA-2014:0369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0370","reference_id":"RHSA-2014:0370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0783","reference_id":"RHSA-2014:0783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0784","reference_id":"RHSA-2014:0784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0825","reference_id":"RHSA-2014:0825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0826","reference_id":"RHSA-2014:0826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0826"},{"reference_url":"https://usn.ubuntu.com/2152-1/","reference_id":"USN-2152-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2152-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585772?format=json","purl":"pkg:deb/debian/apache2@2.4.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2013-6438"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6pzx-1e5t-xbes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3838?format=json","vulnerability_id":"VCID-6qk8-1cj1-4fh7","summary":"Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to.  This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36760.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36760.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36760","reference_id":"","reference_type":"","scores":[{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52542","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52508","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52475","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52528","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52522","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52573","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52558","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52481","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2161777","reference_id":"2161777","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2161777"},{"reference_url":"https://security.archlinux.org/AVG-2824","reference_id":"AVG-2824","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2824"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-36760.json","reference_id":"CVE-2022-36760","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2022-36760.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0852","reference_id":"RHSA-2023:0852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0970","reference_id":"RHSA-2023:0970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0970"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4628","reference_id":"RHSA-2023:4628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4629","reference_id":"RHSA-2023:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4629"},{"reference_url":"https://usn.ubuntu.com/5834-1/","reference_id":"USN-5834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5834-1/"},{"reference_url":"https://usn.ubuntu.com/5839-1/","reference_id":"USN-5839-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5839-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582331?format=json","purl":"pkg:deb/debian/apache2@2.4.55-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.55-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582332?format=json","purl":"pkg:deb/debian/apache2@2.4.56-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.56-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-36760"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qk8-1cj1-4fh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3855?format=json","vulnerability_id":"VCID-6tgh-b4td-63f5","summary":"Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39573.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39573.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39573","reference_id":"","reference_type":"","scores":[{"value":"0.0316","scoring_system":"epss","scoring_elements":"0.86917","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0316","scoring_system":"epss","scoring_elements":"0.86886","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0316","scoring_system":"epss","scoring_elements":"0.86906","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0316","scoring_system":"epss","scoring_elements":"0.86914","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0316","scoring_system":"epss","scoring_elements":"0.86927","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0316","scoring_system":"epss","scoring_elements":"0.86923","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0316","scoring_system":"epss","scoring_elements":"0.86873","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0316","scoring_system":"epss","scoring_elements":"0.86891","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39573"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295022","reference_id":"2295022","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295022"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-39573.json","reference_id":"CVE-2024-39573","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-39573.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240712-0001/","reference_id":"ntap-20240712-0001","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-01T20:41:48Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240712-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4720","reference_id":"RHSA-2024:4720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4726","reference_id":"RHSA-2024:4726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5001","reference_id":"RHSA-2024:5001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5239","reference_id":"RHSA-2024:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5240","reference_id":"RHSA-2024:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5240"},{"reference_url":"https://usn.ubuntu.com/6885-1/","reference_id":"USN-6885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585130?format=json","purl":"pkg:deb/debian/apache2@2.4.60-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.60-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585131?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585132?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-39573"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6tgh-b4td-63f5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3789?format=json","vulnerability_id":"VCID-6vxq-uxxw-ybeh","summary":"Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparision when determining the method of a request and thus process the request incorrectly.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0196.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0196.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0196","reference_id":"","reference_type":"","scores":[{"value":"0.09496","scoring_system":"epss","scoring_elements":"0.92804","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09496","scoring_system":"epss","scoring_elements":"0.9283","published_at":"2026-04-12T12:55:00Z"},{"value":"0.09496","scoring_system":"epss","scoring_elements":"0.92823","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09496","scoring_system":"epss","scoring_elements":"0.92827","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09496","scoring_system":"epss","scoring_elements":"0.92831","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09496","scoring_system":"epss","scoring_elements":"0.92811","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09496","scoring_system":"epss","scoring_elements":"0.92816","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09496","scoring_system":"epss","scoring_elements":"0.92814","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695030","reference_id":"1695030","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695030"},{"reference_url":"https://security.archlinux.org/ASA-201904-3","reference_id":"ASA-201904-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-3"},{"reference_url":"https://security.archlinux.org/AVG-946","reference_id":"AVG-946","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-946"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-0196.json","reference_id":"CVE-2019-0196","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-0196.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3932","reference_id":"RHSA-2019:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3933","reference_id":"RHSA-2019:3933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3935","reference_id":"RHSA-2019:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2644","reference_id":"RHSA-2020:2644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2646","reference_id":"RHSA-2020:2646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4751","reference_id":"RHSA-2020:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4751"},{"reference_url":"https://usn.ubuntu.com/3937-1/","reference_id":"USN-3937-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3937-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582611?format=json","purl":"pkg:deb/debian/apache2@2.4.38-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-0196"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6vxq-uxxw-ybeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3728?format=json","vulnerability_id":"VCID-6vze-zk58-7yep","summary":"A flaw was found when mod_proxy_ajp is used together with mod_proxy_balancer. Given a specific configuration, a remote attacker could send certain malformed HTTP requests, putting a backend server into an error state until the retry timeout expired. This could lead to a temporary denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3348.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3348.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3348","reference_id":"","reference_type":"","scores":[{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.96969","published_at":"2026-04-13T12:55:00Z"},{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.9694","published_at":"2026-04-01T12:55:00Z"},{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.96947","published_at":"2026-04-02T12:55:00Z"},{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.96952","published_at":"2026-04-04T12:55:00Z"},{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.96955","published_at":"2026-04-07T12:55:00Z"},{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.96963","published_at":"2026-04-08T12:55:00Z"},{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.96964","published_at":"2026-04-09T12:55:00Z"},{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.96967","published_at":"2026-04-11T12:55:00Z"},{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.96968","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3348"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=736690","reference_id":"736690","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=736690"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3348.json","reference_id":"CVE-2011-3348","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3348.json"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1391","reference_id":"RHSA-2011:1391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1259-1/","reference_id":"USN-1259-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1259-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585928?format=json","purl":"pkg:deb/debian/apache2@2.2.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2011-3348"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6vze-zk58-7yep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49478?format=json","vulnerability_id":"VCID-741u-yuv6-nkcy","summary":"Multiple vulnerabilities have been discovered in Apache.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0455.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0455.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0455","reference_id":"","reference_type":"","scores":[{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.9789","published_at":"2026-04-01T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97895","published_at":"2026-04-02T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97897","published_at":"2026-04-04T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.979","published_at":"2026-04-07T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97905","published_at":"2026-04-08T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97908","published_at":"2026-04-09T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97911","published_at":"2026-04-11T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97912","published_at":"2026-04-12T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97913","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0455"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0455","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0455"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=850794","reference_id":"850794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=850794"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31052.java","reference_id":"CVE-2008-0455;OSVDB-41019","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31052.java"},{"reference_url":"https://www.securityfocus.com/bid/27409/info","reference_id":"CVE-2008-0455;OSVDB-41019","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/27409/info"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1591","reference_id":"RHSA-2012:1591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1592","reference_id":"RHSA-2012:1592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1594","reference_id":"RHSA-2012:1594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0130","reference_id":"RHSA-2013:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0512","reference_id":"RHSA-2013:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0512"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584580?format=json","purl":"pkg:deb/debian/apache2@2.2.22-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2008-0455"],"risk_score":1.0,"exploitability":"2.0","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-741u-yuv6-nkcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3674?format=json","vulnerability_id":"VCID-76s2-26cr-syd1","summary":"An issue was discovered in the mod_dav module which could be triggered for a location where WebDAV authoring access has been configured. A malicious remote client which is authorized to use the LOCK method could force an httpd child process to crash by sending a particular sequence of LOCK requests. This issue does not allow execution of arbitrary code. and will only result in a denial of service where a threaded process model is in use.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0809.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0809.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0809","reference_id":"","reference_type":"","scores":[{"value":"0.14022","scoring_system":"epss","scoring_elements":"0.9434","published_at":"2026-04-13T12:55:00Z"},{"value":"0.14022","scoring_system":"epss","scoring_elements":"0.94299","published_at":"2026-04-01T12:55:00Z"},{"value":"0.14022","scoring_system":"epss","scoring_elements":"0.94308","published_at":"2026-04-02T12:55:00Z"},{"value":"0.14022","scoring_system":"epss","scoring_elements":"0.9432","published_at":"2026-04-04T12:55:00Z"},{"value":"0.14022","scoring_system":"epss","scoring_elements":"0.94321","published_at":"2026-04-07T12:55:00Z"},{"value":"0.14022","scoring_system":"epss","scoring_elements":"0.9433","published_at":"2026-04-08T12:55:00Z"},{"value":"0.14022","scoring_system":"epss","scoring_elements":"0.94335","published_at":"2026-04-09T12:55:00Z"},{"value":"0.14022","scoring_system":"epss","scoring_elements":"0.94338","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0809"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617299","reference_id":"1617299","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617299"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0809.json","reference_id":"CVE-2004-0809","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0809.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:463","reference_id":"RHSA-2004:463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:463"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583310?format=json","purl":"pkg:deb/debian/apache2@2.0.51-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.51-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2004-0809"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76s2-26cr-syd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3720?format=json","vulnerability_id":"VCID-7krj-8vat-3ydy","summary":"A flaw was found with within mod_isapi which would attempt to unload the ISAPI dll when it encountered various error states. This could leave the callbacks in an undefined state and result in a segfault. On Windows platforms using mod_isapi, a remote attacker could send a malicious request to trigger this issue, and as win32 MPM runs only one process, this would result in a denial of service, and potentially allow arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0425","reference_id":"","reference_type":"","scores":[{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.99427","published_at":"2026-04-13T12:55:00Z"},{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.99421","published_at":"2026-04-01T12:55:00Z"},{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.9942","published_at":"2026-04-02T12:55:00Z"},{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.99422","published_at":"2026-04-07T12:55:00Z"},{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.99423","published_at":"2026-04-08T12:55:00Z"},{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.99424","published_at":"2026-04-09T12:55:00Z"},{"value":"0.86822","scoring_system":"epss","scoring_elements":"0.99426","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0425"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-0425.json","reference_id":"CVE-2010-0425","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-0425.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c","reference_id":"CVE-2010-0425;OSVDB-62674","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c"},{"reference_url":"http://www.senseofsecurity.com.au/advisories/SOS-10-002","reference_id":"CVE-2010-0425;OSVDB-62674","reference_type":"exploit","scores":[],"url":"http://www.senseofsecurity.com.au/advisories/SOS-10-002"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2010-0425"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7krj-8vat-3ydy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3786?format=json","vulnerability_id":"VCID-7u2r-egf2-vfhx","summary":"By sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17189.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17189.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17189","reference_id":"","reference_type":"","scores":[{"value":"0.05616","scoring_system":"epss","scoring_elements":"0.90289","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05616","scoring_system":"epss","scoring_elements":"0.90332","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05616","scoring_system":"epss","scoring_elements":"0.9031","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05616","scoring_system":"epss","scoring_elements":"0.90324","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05616","scoring_system":"epss","scoring_elements":"0.90331","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05616","scoring_system":"epss","scoring_elements":"0.90339","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05616","scoring_system":"epss","scoring_elements":"0.90338","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05616","scoring_system":"epss","scoring_elements":"0.90292","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05616","scoring_system":"epss","scoring_elements":"0.90305","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17189"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY7SJQOO3PYFVINZW6H5EK4EZ3HSGZNM/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY7SJQOO3PYFVINZW6H5EK4EZ3HSGZNM/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U7N3DUEBFVGQWQEME5HTPTTKDHGHBAC6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U7N3DUEBFVGQWQEME5HTPTTKDHGHBAC6/"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/5","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Apr/5"},{"reference_url":"https://security.gentoo.org/glsa/201903-21","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201903-21"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190125-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190125-0001/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us"},{"reference_url":"https://www.debian.org/security/2019/dsa-4422","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4422"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"https://www.tenable.com/security/tns-2019-09","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2019-09"},{"reference_url":"http://www.securityfocus.com/bid/106685","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106685"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1668497","reference_id":"1668497","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1668497"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920302","reference_id":"920302","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920302"},{"reference_url":"https://security.archlinux.org/ASA-201901-14","reference_id":"ASA-201901-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201901-14"},{"reference_url":"https://security.archlinux.org/AVG-857","reference_id":"AVG-857","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-857"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2018-17189.json","reference_id":"CVE-2018-17189","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2018-17189.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-17189","reference_id":"CVE-2018-17189","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-17189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3932","reference_id":"RHSA-2019:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3933","reference_id":"RHSA-2019:3933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3935","reference_id":"RHSA-2019:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4126","reference_id":"RHSA-2019:4126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4751","reference_id":"RHSA-2020:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4751"},{"reference_url":"https://usn.ubuntu.com/3937-1/","reference_id":"USN-3937-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3937-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582791?format=json","purl":"pkg:deb/debian/apache2@2.4.38-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2018-17189"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7u2r-egf2-vfhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3800?format=json","vulnerability_id":"VCID-7vfk-1dwm-xbbt","summary":"When mod_remoteip was configured to use a trusted intermediary proxy server using the \"PROXY\" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10097.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10097.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10097","reference_id":"","reference_type":"","scores":[{"value":"0.22907","scoring_system":"epss","scoring_elements":"0.95861","published_at":"2026-04-01T12:55:00Z"},{"value":"0.22907","scoring_system":"epss","scoring_elements":"0.95896","published_at":"2026-04-13T12:55:00Z"},{"value":"0.22907","scoring_system":"epss","scoring_elements":"0.95881","published_at":"2026-04-07T12:55:00Z"},{"value":"0.22907","scoring_system":"epss","scoring_elements":"0.95889","published_at":"2026-04-08T12:55:00Z"},{"value":"0.22907","scoring_system":"epss","scoring_elements":"0.95892","published_at":"2026-04-09T12:55:00Z"},{"value":"0.22907","scoring_system":"epss","scoring_elements":"0.95895","published_at":"2026-04-12T12:55:00Z"},{"value":"0.22907","scoring_system":"epss","scoring_elements":"0.95869","published_at":"2026-04-02T12:55:00Z"},{"value":"0.22907","scoring_system":"epss","scoring_elements":"0.95877","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10097"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1743996","reference_id":"1743996","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1743996"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.34:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.35:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-10097.json","reference_id":"CVE-2019-10097","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-10097.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10097","reference_id":"CVE-2019-10097","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"},{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10097"},{"reference_url":"https://security.gentoo.org/glsa/201909-04","reference_id":"GLSA-201909-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4126","reference_id":"RHSA-2019:4126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1336","reference_id":"RHSA-2020:1336","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1337","reference_id":"RHSA-2020:1337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4751","reference_id":"RHSA-2020:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4751"},{"reference_url":"https://usn.ubuntu.com/4113-1/","reference_id":"USN-4113-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4113-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585842?format=json","purl":"pkg:deb/debian/apache2@2.4.41-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.41-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-10097"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7vfk-1dwm-xbbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3788?format=json","vulnerability_id":"VCID-7vjg-vetg-p7f6","summary":"A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or later, due to an interaction in changes to handling of renegotiation attempts.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0190.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0190.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0190","reference_id":"","reference_type":"","scores":[{"value":"0.17386","scoring_system":"epss","scoring_elements":"0.95031","published_at":"2026-04-01T12:55:00Z"},{"value":"0.17386","scoring_system":"epss","scoring_elements":"0.95065","published_at":"2026-04-13T12:55:00Z"},{"value":"0.17386","scoring_system":"epss","scoring_elements":"0.95052","published_at":"2026-04-08T12:55:00Z"},{"value":"0.17386","scoring_system":"epss","scoring_elements":"0.95056","published_at":"2026-04-09T12:55:00Z"},{"value":"0.17386","scoring_system":"epss","scoring_elements":"0.95061","published_at":"2026-04-11T12:55:00Z"},{"value":"0.17386","scoring_system":"epss","scoring_elements":"0.95063","published_at":"2026-04-12T12:55:00Z"},{"value":"0.17386","scoring_system":"epss","scoring_elements":"0.95042","published_at":"2026-04-04T12:55:00Z"},{"value":"0.17386","scoring_system":"epss","scoring_elements":"0.95045","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0190"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://security.gentoo.org/glsa/201903-21","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201903-21"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190125-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190125-0001/"},{"reference_url":"https://www.oracle.com//security-alerts/cpujul2021.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"http://www.securityfocus.com/bid/106743","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106743"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1668488","reference_id":"1668488","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1668488"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920220","reference_id":"920220","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920220"},{"reference_url":"https://security.archlinux.org/ASA-201901-14","reference_id":"ASA-201901-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201901-14"},{"reference_url":"https://security.archlinux.org/AVG-857","reference_id":"AVG-857","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-857"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-0190.json","reference_id":"CVE-2019-0190","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-0190.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-0190","reference_id":"CVE-2019-0190","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-0190"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582791?format=json","purl":"pkg:deb/debian/apache2@2.4.38-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-0190"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7vjg-vetg-p7f6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3764?format=json","vulnerability_id":"VCID-7zer-dq7c-8ffq","summary":"For configurations enabling support for HTTP/2, SSL client certificate validation was not enforced if configured, allowing clients unauthorized access to protected resources over HTTP/2. This issue affected releases 2.4.18 and 2.4.20 only.","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://packetstormsecurity.com/files/137771/Apache-2.4.20-X509-Authentication-Bypass.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/137771/Apache-2.4.20-X509-Authentication-Bypass.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4979.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4979.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4979","reference_id":"","reference_type":"","scores":[{"value":"0.1736","scoring_system":"epss","scoring_elements":"0.95022","published_at":"2026-04-01T12:55:00Z"},{"value":"0.1736","scoring_system":"epss","scoring_elements":"0.95057","published_at":"2026-04-13T12:55:00Z"},{"value":"0.1736","scoring_system":"epss","scoring_elements":"0.95044","published_at":"2026-04-08T12:55:00Z"},{"value":"0.1736","scoring_system":"epss","scoring_elements":"0.95048","published_at":"2026-04-09T12:55:00Z"},{"value":"0.1736","scoring_system":"epss","scoring_elements":"0.95053","published_at":"2026-04-11T12:55:00Z"},{"value":"0.1736","scoring_system":"epss","scoring_elements":"0.95055","published_at":"2026-04-12T12:55:00Z"},{"value":"0.1736","scoring_system":"epss","scoring_elements":"0.95033","published_at":"2026-04-02T12:55:00Z"},{"value":"0.1736","scoring_system":"epss","scoring_elements":"0.95034","published_at":"2026-04-04T12:55:00Z"},{"value":"0.1736","scoring_system":"epss","scoring_elements":"0.95036","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4979"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4979","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4979"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Jul/11","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2016/Jul/11"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/httpd/commit/2d0e4eff04ea963128a41faaef21f987272e05a2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/httpd/commit/2d0e4eff04ea963128a41faaef21f987272e05a2"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180601-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20180601-0001/"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.4","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/CHANGES_2.4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/07/05/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/07/05/5"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"},{"reference_url":"http://www.securityfocus.com/bid/91566","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91566"},{"reference_url":"http://www.securitytracker.com/id/1036225","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036225"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1352476","reference_id":"1352476","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1352476"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.20:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-4979.json","reference_id":"CVE-2016-4979","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-4979.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4979","reference_id":"CVE-2016-4979","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4979"},{"reference_url":"https://security.gentoo.org/glsa/201610-02","reference_id":"GLSA-201610-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1420","reference_id":"RHSA-2016:1420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1420"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585957?format=json","purl":"pkg:deb/debian/apache2@2.4.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.23-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2016-4979"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7zer-dq7c-8ffq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3742?format=json","vulnerability_id":"VCID-8axm-4anr-27ht","summary":"Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1156.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1156.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1896","reference_id":"","reference_type":"","scores":[{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97242","published_at":"2026-04-13T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97214","published_at":"2026-04-01T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97237","published_at":"2026-04-09T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.9724","published_at":"2026-04-11T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97219","published_at":"2026-04-02T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97225","published_at":"2026-04-04T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97226","published_at":"2026-04-07T12:55:00Z"},{"value":"0.38555","scoring_system":"epss","scoring_elements":"0.97236","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1896"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896"},{"reference_url":"http://secunia.com/advisories/55032","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/55032"},{"reference_url":"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747"},{"reference_url":"http://support.apple.com/kb/HT6150","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT6150"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522&r2=1485668&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522&r2=1485668&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?view=log","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?view=log"},{"reference_url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896","reference_id":"","reference_type":"","scores":[],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21644047","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21644047"},{"reference_url":"http://www.apache.org/dist/httpd/Announcement2.2.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/Announcement2.2.html"},{"reference_url":"http://www.securityfocus.com/bid/61129","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/61129"},{"reference_url":"http://www.ubuntu.com/usn/USN-1903-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1903-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272","reference_id":"717272","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=983549","reference_id":"983549","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=983549"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-1896.json","reference_id":"CVE-2013-1896","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-1896.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1896","reference_id":"CVE-2013-1896","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1896"},{"reference_url":"https://security.gentoo.org/glsa/201309-12","reference_id":"GLSA-201309-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1133","reference_id":"RHSA-2013:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1134","reference_id":"RHSA-2013:1134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1156","reference_id":"RHSA-2013:1156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1207","reference_id":"RHSA-2013:1207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1208","reference_id":"RHSA-2013:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1209","reference_id":"RHSA-2013:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1209"},{"reference_url":"https://usn.ubuntu.com/1903-1/","reference_id":"USN-1903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582800?format=json","purl":"pkg:deb/debian/apache2@2.4.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2013-1896"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8axm-4anr-27ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3852?format=json","vulnerability_id":"VCID-8edq-8rvq-rkf1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38475.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38475.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38475","reference_id":"","reference_type":"","scores":[{"value":"0.93858","scoring_system":"epss","scoring_elements":"0.99869","published_at":"2026-04-13T12:55:00Z"},{"value":"0.93858","scoring_system":"epss","scoring_elements":"0.99867","published_at":"2026-04-09T12:55:00Z"},{"value":"0.93858","scoring_system":"epss","scoring_elements":"0.99868","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295014","reference_id":"2295014","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295014"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-38475.json","reference_id":"CVE-2024-38475","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-38475.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240712-0001/","reference_id":"ntap-20240712-0001","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-05-02T03:55:18Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240712-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4719","reference_id":"RHSA-2024:4719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4720","reference_id":"RHSA-2024:4720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4726","reference_id":"RHSA-2024:4726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4820","reference_id":"RHSA-2024:4820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4827","reference_id":"RHSA-2024:4827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4830","reference_id":"RHSA-2024:4830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4862","reference_id":"RHSA-2024:4862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4863","reference_id":"RHSA-2024:4863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4938","reference_id":"RHSA-2024:4938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4943","reference_id":"RHSA-2024:4943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5239","reference_id":"RHSA-2024:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5240","reference_id":"RHSA-2024:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5240"},{"reference_url":"https://usn.ubuntu.com/6885-1/","reference_id":"USN-6885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-1/"},{"reference_url":"https://usn.ubuntu.com/6885-3/","reference_id":"USN-6885-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-3/"},{"reference_url":"https://usn.ubuntu.com/6885-5/","reference_id":"USN-6885-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585130?format=json","purl":"pkg:deb/debian/apache2@2.4.60-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.60-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585131?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585132?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-38475"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8edq-8rvq-rkf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3754?format=json","vulnerability_id":"VCID-8eqf-c42n-y7dt","summary":"An out-of-bounds memory read was found in mod_proxy_fcgi. A malicious FastCGI server could send a carefully crafted response which could lead to a crash when reading past the end of a heap memory or stack buffer. This issue affects version 2.4.10 only.","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1855.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1855.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3583.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3583.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3583","reference_id":"","reference_type":"","scores":[{"value":"0.41813","scoring_system":"epss","scoring_elements":"0.97423","published_at":"2026-04-13T12:55:00Z"},{"value":"0.41813","scoring_system":"epss","scoring_elements":"0.97397","published_at":"2026-04-01T12:55:00Z"},{"value":"0.41813","scoring_system":"epss","scoring_elements":"0.97419","published_at":"2026-04-09T12:55:00Z"},{"value":"0.41813","scoring_system":"epss","scoring_elements":"0.97421","published_at":"2026-04-11T12:55:00Z"},{"value":"0.41813","scoring_system":"epss","scoring_elements":"0.97404","published_at":"2026-04-02T12:55:00Z"},{"value":"0.41813","scoring_system":"epss","scoring_elements":"0.97408","published_at":"2026-04-04T12:55:00Z"},{"value":"0.41813","scoring_system":"epss","scoring_elements":"0.97411","published_at":"2026-04-07T12:55:00Z"},{"value":"0.41813","scoring_system":"epss","scoring_elements":"0.97417","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3583"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3583","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3583"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://support.apple.com/HT205219","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT205219"},{"reference_url":"https://support.apple.com/kb/HT205031","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT205031"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1638818","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1638818"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"},{"reference_url":"http://www.securityfocus.com/bid/71657","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71657"},{"reference_url":"http://www.ubuntu.com/usn/USN-2523-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2523-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1163555","reference_id":"1163555","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1163555"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:os_x_server:5.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:os_x_server:5.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:os_x_server:5.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-3583.json","reference_id":"CVE-2014-3583","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-3583.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3583","reference_id":"CVE-2014-3583","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3583"},{"reference_url":"https://security.gentoo.org/glsa/201701-36","reference_id":"GLSA-201701-36","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1855","reference_id":"RHSA-2015:1855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1858","reference_id":"RHSA-2015:1858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1858"},{"reference_url":"https://usn.ubuntu.com/2523-1/","reference_id":"USN-2523-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2523-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586532?format=json","purl":"pkg:deb/debian/apache2@2.4.10-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2014-3583"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8eqf-c42n-y7dt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3763?format=json","vulnerability_id":"VCID-8gcm-7q3n-q7bm","summary":"Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the \"Location\" or other outbound header key or value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4975","reference_id":"","reference_type":"","scores":[{"value":"0.73272","scoring_system":"epss","scoring_elements":"0.98788","published_at":"2026-04-09T12:55:00Z"},{"value":"0.73272","scoring_system":"epss","scoring_elements":"0.98789","published_at":"2026-04-08T12:55:00Z"},{"value":"0.73272","scoring_system":"epss","scoring_elements":"0.98791","published_at":"2026-04-11T12:55:00Z"},{"value":"0.73272","scoring_system":"epss","scoring_elements":"0.98793","published_at":"2026-04-13T12:55:00Z"},{"value":"0.73272","scoring_system":"epss","scoring_elements":"0.98792","published_at":"2026-04-12T12:55:00Z"},{"value":"0.75341","scoring_system":"epss","scoring_elements":"0.9888","published_at":"2026-04-04T12:55:00Z"},{"value":"0.75341","scoring_system":"epss","scoring_elements":"0.98876","published_at":"2026-04-01T12:55:00Z"},{"value":"0.75341","scoring_system":"epss","scoring_elements":"0.98878","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1375968","reference_id":"1375968","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1375968"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-4975.json","reference_id":"CVE-2016-4975","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-4975.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0906","reference_id":"RHSA-2017:0906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2185","reference_id":"RHSA-2018:2185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2186","reference_id":"RHSA-2018:2186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2186"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582509?format=json","purl":"pkg:deb/debian/apache2@2.4.25-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2016-4975"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8gcm-7q3n-q7bm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3853?format=json","vulnerability_id":"VCID-8nw9-zpxn-ckab","summary":"Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38476.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38476.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38476","reference_id":"","reference_type":"","scores":[{"value":"0.03452","scoring_system":"epss","scoring_elements":"0.87515","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03452","scoring_system":"epss","scoring_elements":"0.87486","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03452","scoring_system":"epss","scoring_elements":"0.87505","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03452","scoring_system":"epss","scoring_elements":"0.87512","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03452","scoring_system":"epss","scoring_elements":"0.87523","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03452","scoring_system":"epss","scoring_elements":"0.87519","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03545","scoring_system":"epss","scoring_elements":"0.87649","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03545","scoring_system":"epss","scoring_elements":"0.87636","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295015","reference_id":"2295015","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295015"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-38476.json","reference_id":"CVE-2024-38476","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-38476.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240712-0001/","reference_id":"ntap-20240712-0001","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T03:55:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240712-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5138","reference_id":"RHSA-2024:5138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5193","reference_id":"RHSA-2024:5193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5239","reference_id":"RHSA-2024:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5240","reference_id":"RHSA-2024:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5812","reference_id":"RHSA-2024:5812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5832","reference_id":"RHSA-2024:5832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6136","reference_id":"RHSA-2024:6136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6467","reference_id":"RHSA-2024:6467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6468","reference_id":"RHSA-2024:6468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6583","reference_id":"RHSA-2024:6583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6584","reference_id":"RHSA-2024:6584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7101","reference_id":"RHSA-2024:7101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7101"},{"reference_url":"https://usn.ubuntu.com/6885-1/","reference_id":"USN-6885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-1/"},{"reference_url":"https://usn.ubuntu.com/6885-3/","reference_id":"USN-6885-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585130?format=json","purl":"pkg:deb/debian/apache2@2.4.60-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.60-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585131?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585132?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-38476"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8nw9-zpxn-ckab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3809?format=json","vulnerability_id":"VCID-91u7-vh6n-v7fm","summary":"Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13938.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13938.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13938","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21778","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21808","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21906","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21866","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21943","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21997","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21761","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21839","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21894","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13938"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970006","reference_id":"1970006","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970006"},{"reference_url":"https://security.archlinux.org/AVG-2054","reference_id":"AVG-2054","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2054"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2020-13938.json","reference_id":"CVE-2020-13938","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2020-13938.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2020-13938"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-91u7-vh6n-v7fm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3695?format=json","vulnerability_id":"VCID-95zk-suqh-j7e7","summary":"A flaw was found in the Apache HTTP Server mod_proxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker could cause a similar crash if a user could be persuaded to visit a malicious site using the proxy. This could lead to a denial of service if using a threaded Multi-Processing Module.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3847.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3847.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3847","reference_id":"","reference_type":"","scores":[{"value":"0.22605","scoring_system":"epss","scoring_elements":"0.95845","published_at":"2026-04-09T12:55:00Z"},{"value":"0.22605","scoring_system":"epss","scoring_elements":"0.95813","published_at":"2026-04-01T12:55:00Z"},{"value":"0.22605","scoring_system":"epss","scoring_elements":"0.95822","published_at":"2026-04-02T12:55:00Z"},{"value":"0.22605","scoring_system":"epss","scoring_elements":"0.95831","published_at":"2026-04-04T12:55:00Z"},{"value":"0.22605","scoring_system":"epss","scoring_elements":"0.95833","published_at":"2026-04-07T12:55:00Z"},{"value":"0.22605","scoring_system":"epss","scoring_elements":"0.95841","published_at":"2026-04-08T12:55:00Z"},{"value":"0.23276","scoring_system":"epss","scoring_elements":"0.9595","published_at":"2026-04-13T12:55:00Z"},{"value":"0.23276","scoring_system":"epss","scoring_elements":"0.95948","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=250731","reference_id":"250731","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=250731"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845","reference_id":"441845","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=441845"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-3847.json","reference_id":"CVE-2007-3847","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-3847.json"},{"reference_url":"https://security.gentoo.org/glsa/200711-06","reference_id":"GLSA-200711-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0746","reference_id":"RHSA-2007:0746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0747","reference_id":"RHSA-2007:0747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0911","reference_id":"RHSA-2007:0911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583943?format=json","purl":"pkg:deb/debian/apache2@2.2.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-3847"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-95zk-suqh-j7e7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3662?format=json","vulnerability_id":"VCID-9b9s-sz9t-rubp","summary":"A bug in mod_cgid mishandling of CGI redirect paths can result in CGI output going to the wrong client when a threaded MPM is used.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0789.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0789.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0789","reference_id":"","reference_type":"","scores":[{"value":"0.08237","scoring_system":"epss","scoring_elements":"0.92223","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08237","scoring_system":"epss","scoring_elements":"0.92188","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08237","scoring_system":"epss","scoring_elements":"0.92195","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08237","scoring_system":"epss","scoring_elements":"0.92202","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08237","scoring_system":"epss","scoring_elements":"0.92205","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08237","scoring_system":"epss","scoring_elements":"0.92216","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08237","scoring_system":"epss","scoring_elements":"0.9222","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08237","scoring_system":"epss","scoring_elements":"0.92225","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08237","scoring_system":"epss","scoring_elements":"0.92226","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0789"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0789"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617086","reference_id":"1617086","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617086"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2003-0789.json","reference_id":"CVE-2003-0789","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2003-0789.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:320","reference_id":"RHSA-2003:320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:320"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586439?format=json","purl":"pkg:deb/debian/apache2@2.0.48?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.48%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2003-0789"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9b9s-sz9t-rubp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3778?format=json","vulnerability_id":"VCID-9qdr-1v39-d7b7","summary":"When mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a \"Session\" header. This comes from the \"HTTP_SESSION\" variable name used by mod_session to forward its data to CGIs, since the prefix \"HTTP_\" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications. The severity is set to Moderate because \"SessionEnv on\" is not a default nor common configuration, it should be considered more severe when this is the case though, because of the possible remote exploitation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1283.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1283.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1283","reference_id":"","reference_type":"","scores":[{"value":"0.03348","scoring_system":"epss","scoring_elements":"0.87263","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03348","scoring_system":"epss","scoring_elements":"0.87316","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03348","scoring_system":"epss","scoring_elements":"0.87313","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03348","scoring_system":"epss","scoring_elements":"0.87326","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03348","scoring_system":"epss","scoring_elements":"0.8732","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03348","scoring_system":"epss","scoring_elements":"0.87273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03348","scoring_system":"epss","scoring_elements":"0.87289","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03348","scoring_system":"epss","scoring_elements":"0.87287","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03348","scoring_system":"epss","scoring_elements":"0.87306","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560395","reference_id":"1560395","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560395"},{"reference_url":"https://security.archlinux.org/ASA-201804-4","reference_id":"ASA-201804-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201804-4"},{"reference_url":"https://security.archlinux.org/AVG-664","reference_id":"AVG-664","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-664"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2018-1283.json","reference_id":"CVE-2018-1283","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2018-1283.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0366","reference_id":"RHSA-2019:0366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0367","reference_id":"RHSA-2019:0367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3958","reference_id":"RHSA-2020:3958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3958"},{"reference_url":"https://usn.ubuntu.com/3627-1/","reference_id":"USN-3627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3627-1/"},{"reference_url":"https://usn.ubuntu.com/3627-2/","reference_id":"USN-3627-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3627-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584735?format=json","purl":"pkg:deb/debian/apache2@2.4.33-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.33-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2018-1283"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9qdr-1v39-d7b7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3865?format=json","vulnerability_id":"VCID-9tez-97xg-z3bs","summary":"In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade.\n\nOnly configurations using \"SSLEngine optional\" to enable TLS upgrades are affected. Users are recommended to upgrade to version 2.4.64, which removes support for TLS upgrade.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49812.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49812.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49812","reference_id":"","reference_type":"","scores":[{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32463","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32427","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32747","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3281","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32811","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32773","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32735","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32783","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49812"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49812"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374580","reference_id":"2374580","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374580"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2025-49812.json","reference_id":"CVE-2025-49812","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2025-49812.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13680","reference_id":"RHSA-2025:13680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13681","reference_id":"RHSA-2025:13681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14901","reference_id":"RHSA-2025:14901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14902","reference_id":"RHSA-2025:14902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14903","reference_id":"RHSA-2025:14903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14997","reference_id":"RHSA-2025:14997","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14997"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14998","reference_id":"RHSA-2025:14998","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14998"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15023","reference_id":"RHSA-2025:15023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15036","reference_id":"RHSA-2025:15036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15036"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15095","reference_id":"RHSA-2025:15095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15123","reference_id":"RHSA-2025:15123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15516","reference_id":"RHSA-2025:15516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15619","reference_id":"RHSA-2025:15619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15684","reference_id":"RHSA-2025:15684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15698","reference_id":"RHSA-2025:15698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15698"},{"reference_url":"https://usn.ubuntu.com/7639-1/","reference_id":"USN-7639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-1/"},{"reference_url":"https://usn.ubuntu.com/7639-2/","reference_id":"USN-7639-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584089?format=json","purl":"pkg:deb/debian/apache2@2.4.64-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.64-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584090?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584091?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2025-49812"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9tez-97xg-z3bs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3817?format=json","vulnerability_id":"VCID-9u53-b79b-cfgd","summary":"Malformed requests may cause the server to dereference a NULL pointer.\n\n\nThis issue affects Apache HTTP Server 2.4.48 and earlier.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34798.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34798.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-34798","reference_id":"","reference_type":"","scores":[{"value":"0.1029","scoring_system":"epss","scoring_elements":"0.93141","published_at":"2026-04-01T12:55:00Z"},{"value":"0.1029","scoring_system":"epss","scoring_elements":"0.93171","published_at":"2026-04-13T12:55:00Z"},{"value":"0.1029","scoring_system":"epss","scoring_elements":"0.93166","published_at":"2026-04-09T12:55:00Z"},{"value":"0.1029","scoring_system":"epss","scoring_elements":"0.93172","published_at":"2026-04-11T12:55:00Z"},{"value":"0.1029","scoring_system":"epss","scoring_elements":"0.93169","published_at":"2026-04-12T12:55:00Z"},{"value":"0.1029","scoring_system":"epss","scoring_elements":"0.93151","published_at":"2026-04-02T12:55:00Z"},{"value":"0.1029","scoring_system":"epss","scoring_elements":"0.93154","published_at":"2026-04-04T12:55:00Z"},{"value":"0.1029","scoring_system":"epss","scoring_elements":"0.93153","published_at":"2026-04-07T12:55:00Z"},{"value":"0.1029","scoring_system":"epss","scoring_elements":"0.93162","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-34798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2005128","reference_id":"2005128","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2005128"},{"reference_url":"https://security.archlinux.org/AVG-2289","reference_id":"AVG-2289","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2289"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-34798.json","reference_id":"CVE-2021-34798","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-34798.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4613","reference_id":"RHSA-2021:4613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4614","reference_id":"RHSA-2021:4614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0143","reference_id":"RHSA-2022:0143","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0143"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0891","reference_id":"RHSA-2022:0891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://usn.ubuntu.com/5090-1/","reference_id":"USN-5090-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5090-1/"},{"reference_url":"https://usn.ubuntu.com/5090-2/","reference_id":"USN-5090-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5090-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584440?format=json","purl":"pkg:deb/debian/apache2@2.4.49-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.49-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584441?format=json","purl":"pkg:deb/debian/apache2@2.4.51-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.51-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-34798"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9u53-b79b-cfgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3783?format=json","vulnerability_id":"VCID-9vzm-qtye-ufh2","summary":"By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. This issue only affects servers that have configured and enabled HTTP/2 support, which is not the default","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3558","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3558"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1333.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1333.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1333","reference_id":"","reference_type":"","scores":[{"value":"0.09859","scoring_system":"epss","scoring_elements":"0.92958","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09859","scoring_system":"epss","scoring_elements":"0.92987","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09859","scoring_system":"epss","scoring_elements":"0.9297","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09859","scoring_system":"epss","scoring_elements":"0.92978","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09859","scoring_system":"epss","scoring_elements":"0.92983","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09859","scoring_system":"epss","scoring_elements":"0.92988","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09859","scoring_system":"epss","scoring_elements":"0.92986","published_at":"2026-04-12T12:55:00Z"},{"value":"0.09859","scoring_system":"epss","scoring_elements":"0.92967","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09859","scoring_system":"epss","scoring_elements":"0.92971","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1333"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1333","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1333"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-1333","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-1333"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180926-0007/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20180926-0007/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us"},{"reference_url":"https://www.tenable.com/security/tns-2019-09","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2019-09"},{"reference_url":"http://www.securitytracker.com/id/1041402","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1041402"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1605048","reference_id":"1605048","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1605048"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904106","reference_id":"904106","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904106"},{"reference_url":"https://security.archlinux.org/ASA-201807-12","reference_id":"ASA-201807-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201807-12"},{"reference_url":"https://security.archlinux.org/AVG-736","reference_id":"AVG-736","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-736"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2018-1333.json","reference_id":"CVE-2018-1333","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2018-1333.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1333","reference_id":"CVE-2018-1333","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1333"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0366","reference_id":"RHSA-2019:0366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0367","reference_id":"RHSA-2019:0367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0367"},{"reference_url":"https://usn.ubuntu.com/3783-1/","reference_id":"USN-3783-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3783-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585975?format=json","purl":"pkg:deb/debian/apache2@2.4.34-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.34-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2018-1333"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9vzm-qtye-ufh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3671?format=json","vulnerability_id":"VCID-9xwj-xak5-efb3","summary":"An issue was discovered in the mod_ssl module in Apache 2.0. A remote attacker who forces an SSL connection to be aborted in a particular state may cause an Apache child process to enter an infinite loop, consuming CPU resources.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0748.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0748.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0748","reference_id":"","reference_type":"","scores":[{"value":"0.18763","scoring_system":"epss","scoring_elements":"0.95292","published_at":"2026-04-13T12:55:00Z"},{"value":"0.18763","scoring_system":"epss","scoring_elements":"0.95251","published_at":"2026-04-01T12:55:00Z"},{"value":"0.18763","scoring_system":"epss","scoring_elements":"0.95264","published_at":"2026-04-02T12:55:00Z"},{"value":"0.18763","scoring_system":"epss","scoring_elements":"0.95269","published_at":"2026-04-04T12:55:00Z"},{"value":"0.18763","scoring_system":"epss","scoring_elements":"0.95274","published_at":"2026-04-07T12:55:00Z"},{"value":"0.18763","scoring_system":"epss","scoring_elements":"0.95281","published_at":"2026-04-08T12:55:00Z"},{"value":"0.18763","scoring_system":"epss","scoring_elements":"0.95284","published_at":"2026-04-09T12:55:00Z"},{"value":"0.18763","scoring_system":"epss","scoring_elements":"0.95289","published_at":"2026-04-11T12:55:00Z"},{"value":"0.18763","scoring_system":"epss","scoring_elements":"0.9529","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0748"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617262","reference_id":"1617262","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617262"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0748.json","reference_id":"CVE-2004-0748","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0748.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:349","reference_id":"RHSA-2004:349","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:349"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584666?format=json","purl":"pkg:deb/debian/apache2@2.0.51?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.51%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2004-0748"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9xwj-xak5-efb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3810?format=json","vulnerability_id":"VCID-9ych-ybpr-j3h6","summary":"Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13950.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13950.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13950","reference_id":"","reference_type":"","scores":[{"value":"0.21543","scoring_system":"epss","scoring_elements":"0.95684","published_at":"2026-04-01T12:55:00Z"},{"value":"0.21543","scoring_system":"epss","scoring_elements":"0.95718","published_at":"2026-04-13T12:55:00Z"},{"value":"0.21543","scoring_system":"epss","scoring_elements":"0.95714","published_at":"2026-04-09T12:55:00Z"},{"value":"0.21543","scoring_system":"epss","scoring_elements":"0.95717","published_at":"2026-04-11T12:55:00Z"},{"value":"0.21543","scoring_system":"epss","scoring_elements":"0.95716","published_at":"2026-04-12T12:55:00Z"},{"value":"0.21543","scoring_system":"epss","scoring_elements":"0.95693","published_at":"2026-04-02T12:55:00Z"},{"value":"0.21543","scoring_system":"epss","scoring_elements":"0.95698","published_at":"2026-04-04T12:55:00Z"},{"value":"0.21543","scoring_system":"epss","scoring_elements":"0.95701","published_at":"2026-04-07T12:55:00Z"},{"value":"0.21543","scoring_system":"epss","scoring_elements":"0.9571","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13950"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966738","reference_id":"1966738","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966738"},{"reference_url":"https://security.archlinux.org/AVG-2053","reference_id":"AVG-2053","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2053"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2020-13950.json","reference_id":"CVE-2020-13950","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2020-13950.json"},{"reference_url":"https://security.gentoo.org/glsa/202107-38","reference_id":"GLSA-202107-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-38"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4613","reference_id":"RHSA-2021:4613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4614","reference_id":"RHSA-2021:4614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5163","reference_id":"RHSA-2022:5163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5163"},{"reference_url":"https://usn.ubuntu.com/4994-1/","reference_id":"USN-4994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585157?format=json","purl":"pkg:deb/debian/apache2@2.4.46-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.46-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2020-13950"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ych-ybpr-j3h6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/154920?format=json","vulnerability_id":"VCID-a38m-yzz2-qfcv","summary":"The default configuration of the Apache HTTP Server on Apple OS X before 10.10.4 does not enable the mod_hfs_apple module, which allows remote attackers to bypass HTTP authentication via a crafted URL.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3675","reference_id":"","reference_type":"","scores":[{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54725","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54793","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54816","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54786","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54837","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54834","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54844","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54827","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54804","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3675"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2015-3675"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a38m-yzz2-qfcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3652?format=json","vulnerability_id":"VCID-a86d-f4nd-eqhh","summary":"Apache did not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0083.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0083.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0083","reference_id":"","reference_type":"","scores":[{"value":"0.12356","scoring_system":"epss","scoring_elements":"0.9388","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12356","scoring_system":"epss","scoring_elements":"0.93842","published_at":"2026-04-01T12:55:00Z"},{"value":"0.12356","scoring_system":"epss","scoring_elements":"0.93851","published_at":"2026-04-02T12:55:00Z"},{"value":"0.12356","scoring_system":"epss","scoring_elements":"0.9386","published_at":"2026-04-04T12:55:00Z"},{"value":"0.12356","scoring_system":"epss","scoring_elements":"0.93863","published_at":"2026-04-07T12:55:00Z"},{"value":"0.12356","scoring_system":"epss","scoring_elements":"0.93871","published_at":"2026-04-08T12:55:00Z"},{"value":"0.12356","scoring_system":"epss","scoring_elements":"0.93875","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0083"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0083","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0083"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616961","reference_id":"1616961","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616961"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2003-0083.json","reference_id":"CVE-2003-0083","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2003-0083.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:083","reference_id":"RHSA-2003:083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:104","reference_id":"RHSA-2003:104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:104"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:116","reference_id":"RHSA-2003:116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:139","reference_id":"RHSA-2003:139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:139"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582374?format=json","purl":"pkg:deb/debian/apache2@2.0.46?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.46%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2003-0083"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a86d-f4nd-eqhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3798?format=json","vulnerability_id":"VCID-a9rw-3s1y-hqd7","summary":"Using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10082.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10082.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10082","reference_id":"","reference_type":"","scores":[{"value":"0.47892","scoring_system":"epss","scoring_elements":"0.97695","published_at":"2026-04-01T12:55:00Z"},{"value":"0.47892","scoring_system":"epss","scoring_elements":"0.97717","published_at":"2026-04-13T12:55:00Z"},{"value":"0.47892","scoring_system":"epss","scoring_elements":"0.97707","published_at":"2026-04-08T12:55:00Z"},{"value":"0.47892","scoring_system":"epss","scoring_elements":"0.9771","published_at":"2026-04-09T12:55:00Z"},{"value":"0.47892","scoring_system":"epss","scoring_elements":"0.97713","published_at":"2026-04-11T12:55:00Z"},{"value":"0.47892","scoring_system":"epss","scoring_elements":"0.97716","published_at":"2026-04-12T12:55:00Z"},{"value":"0.47892","scoring_system":"epss","scoring_elements":"0.97701","published_at":"2026-04-02T12:55:00Z"},{"value":"0.47892","scoring_system":"epss","scoring_elements":"0.97703","published_at":"2026-04-04T12:55:00Z"},{"value":"0.47892","scoring_system":"epss","scoring_elements":"0.97702","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1743974","reference_id":"1743974","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1743974"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-10082.json","reference_id":"CVE-2019-10082","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-10082.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10082","reference_id":"CVE-2019-10082","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10082"},{"reference_url":"https://security.gentoo.org/glsa/201909-04","reference_id":"GLSA-201909-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1336","reference_id":"RHSA-2020:1336","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1337","reference_id":"RHSA-2020:1337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4751","reference_id":"RHSA-2020:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4751"},{"reference_url":"https://usn.ubuntu.com/4113-1/","reference_id":"USN-4113-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4113-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585842?format=json","purl":"pkg:deb/debian/apache2@2.4.41-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.41-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-10082"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a9rw-3s1y-hqd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92467?format=json","vulnerability_id":"VCID-acx3-3v8f-1fhu","summary":"The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not properly create the /var/lock/apache2 lock directory, which allows local users to gain privileges via an unspecified symlink attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1048","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16798","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16776","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16942","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16999","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16781","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1687","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16927","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16901","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16856","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1048","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1048"},{"reference_url":"http://security.debian.org/debian-security/pool/updates/main/a/apache2/apache2_2.2.16-6+squeeze11.diff.gz","reference_id":"","reference_type":"","scores":[],"url":"http://security.debian.org/debian-security/pool/updates/main/a/apache2/apache2_2.2.16-6+squeeze11.diff.gz"},{"reference_url":"http://www.debian.org/security/2013/dsa-2637","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2013/dsa-2637"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:apache2:*:sid:*:*:*:*:*:*","reference_id":"cpe:2.3:a:debian:apache2:*:sid:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:apache2:*:sid:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:apache2:*:squeeze10:*:*:*:*:*:*","reference_id":"cpe:2.3:a:debian:apache2:*:squeeze10:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:apache2:*:squeeze10:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:apache2:*:wheezy:*:*:*:*:*:*","reference_id":"cpe:2.3:a:debian:apache2:*:wheezy:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:debian:apache2:*:wheezy:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1048","reference_id":"CVE-2013-1048","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1048"},{"reference_url":"https://usn.ubuntu.com/1765-1/","reference_id":"USN-1765-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1765-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585286?format=json","purl":"pkg:deb/debian/apache2@2.2.22-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-13%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2013-1048"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-acx3-3v8f-1fhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3669?format=json","vulnerability_id":"VCID-agrr-tcwf-afe7","summary":"A memory leak in parsing of HTTP headers which can be triggered remotely may allow a denial of service attack due to excessive memory consumption.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0493.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0493.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0493","reference_id":"","reference_type":"","scores":[{"value":"0.90462","scoring_system":"epss","scoring_elements":"0.99605","published_at":"2026-04-02T12:55:00Z"},{"value":"0.90462","scoring_system":"epss","scoring_elements":"0.99606","published_at":"2026-04-04T12:55:00Z"},{"value":"0.90462","scoring_system":"epss","scoring_elements":"0.99607","published_at":"2026-04-07T12:55:00Z"},{"value":"0.90462","scoring_system":"epss","scoring_elements":"0.99608","published_at":"2026-04-13T12:55:00Z"},{"value":"0.90462","scoring_system":"epss","scoring_elements":"0.99609","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0493"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617211","reference_id":"1617211","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617211"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0493.json","reference_id":"CVE-2004-0493","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0493.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/371.c","reference_id":"OSVDB-7269;CVE-2004-0493","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/371.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/360.pl","reference_id":"OSVDB-7269;CVE-2004-0493","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/360.pl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:342","reference_id":"RHSA-2004:342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:342"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585373?format=json","purl":"pkg:deb/debian/apache2@2.0.50-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.50-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2004-0493"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-agrr-tcwf-afe7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3780?format=json","vulnerability_id":"VCID-apfh-r85v-dbhz","summary":"When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.33 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerabilty hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1302.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1302.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1302","reference_id":"","reference_type":"","scores":[{"value":"0.12125","scoring_system":"epss","scoring_elements":"0.93766","published_at":"2026-04-01T12:55:00Z"},{"value":"0.12125","scoring_system":"epss","scoring_elements":"0.93806","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12125","scoring_system":"epss","scoring_elements":"0.93798","published_at":"2026-04-08T12:55:00Z"},{"value":"0.12125","scoring_system":"epss","scoring_elements":"0.93801","published_at":"2026-04-09T12:55:00Z"},{"value":"0.12125","scoring_system":"epss","scoring_elements":"0.93805","published_at":"2026-04-11T12:55:00Z"},{"value":"0.12125","scoring_system":"epss","scoring_elements":"0.93776","published_at":"2026-04-02T12:55:00Z"},{"value":"0.12125","scoring_system":"epss","scoring_elements":"0.93785","published_at":"2026-04-04T12:55:00Z"},{"value":"0.12125","scoring_system":"epss","scoring_elements":"0.93789","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1302"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560625","reference_id":"1560625","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560625"},{"reference_url":"https://security.archlinux.org/ASA-201804-4","reference_id":"ASA-201804-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201804-4"},{"reference_url":"https://security.archlinux.org/AVG-664","reference_id":"AVG-664","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-664"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2018-1302.json","reference_id":"CVE-2018-1302","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2018-1302.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0366","reference_id":"RHSA-2019:0366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0367","reference_id":"RHSA-2019:0367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0367"},{"reference_url":"https://usn.ubuntu.com/3783-1/","reference_id":"USN-3783-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3783-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584735?format=json","purl":"pkg:deb/debian/apache2@2.4.33-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.33-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2018-1302"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-apfh-r85v-dbhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3804?format=json","vulnerability_id":"VCID-auhk-ppv5-buaa","summary":"in Apache HTTP Server versions 2.4.0 to 2.4.41, mod_proxy_ftp use of uninitialized value with malicious FTP backend.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1934.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1934.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1934","reference_id":"","reference_type":"","scores":[{"value":"0.38657","scoring_system":"epss","scoring_elements":"0.97221","published_at":"2026-04-01T12:55:00Z"},{"value":"0.38657","scoring_system":"epss","scoring_elements":"0.97248","published_at":"2026-04-13T12:55:00Z"},{"value":"0.38657","scoring_system":"epss","scoring_elements":"0.97233","published_at":"2026-04-07T12:55:00Z"},{"value":"0.38657","scoring_system":"epss","scoring_elements":"0.97242","published_at":"2026-04-08T12:55:00Z"},{"value":"0.38657","scoring_system":"epss","scoring_elements":"0.97243","published_at":"2026-04-09T12:55:00Z"},{"value":"0.38657","scoring_system":"epss","scoring_elements":"0.97247","published_at":"2026-04-11T12:55:00Z"},{"value":"0.38657","scoring_system":"epss","scoring_elements":"0.97227","published_at":"2026-04-02T12:55:00Z"},{"value":"0.38657","scoring_system":"epss","scoring_elements":"0.97232","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-1934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8de98ec71bbea6e9f05809c46bca4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r33e626224386d2851a83c352f784ba90dedee5dc7fcfcc221d5d7527%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201%40%3Cdev.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdf3e5d0a5f5c3d90d6013bccc6c4d5af59cf1f8c8dea5d9a283d13ce%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200413-0002/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200413-0002/"},{"reference_url":"https://www.debian.org/security/2020/dsa-4757","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2020/dsa-4757"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1820772","reference_id":"1820772","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1820772"},{"reference_url":"https://security.archlinux.org/ASA-202004-14","reference_id":"ASA-202004-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-14"},{"reference_url":"https://security.archlinux.org/AVG-1126","reference_id":"AVG-1126","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1126"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2020-1934.json","reference_id":"CVE-2020-1934","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2020-1934.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1934","reference_id":"CVE-2020-1934","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-1934"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2644","reference_id":"RHSA-2020:2644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2646","reference_id":"RHSA-2020:2646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3958","reference_id":"RHSA-2020:3958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4751","reference_id":"RHSA-2020:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4751"},{"reference_url":"https://usn.ubuntu.com/4458-1/","reference_id":"USN-4458-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4458-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585106?format=json","purl":"pkg:deb/debian/apache2@2.4.43-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.43-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2020-1934"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-auhk-ppv5-buaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3842?format=json","vulnerability_id":"VCID-b68y-4prb-bfdk","summary":"Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-31122.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-31122.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-31122","reference_id":"","reference_type":"","scores":[{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.6251","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62559","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62543","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62508","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.6256","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62575","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62593","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62582","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-31122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245332","reference_id":"2245332","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245332"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2023-31122.json","reference_id":"CVE-2023-31122","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2023-31122.json"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html","reference_id":"msg00013.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T20:23:50Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231027-0011/","reference_id":"ntap-20231027-0011","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T20:23:50Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231027-0011/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1316","reference_id":"RHSA-2024:1316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1317","reference_id":"RHSA-2024:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2278","reference_id":"RHSA-2024:2278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3121","reference_id":"RHSA-2024:3121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3121"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/","reference_id":"TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T20:23:50Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TI3V2YCEUM65QDYPGGNUZ7UONIM5OEXC/"},{"reference_url":"https://usn.ubuntu.com/6506-1/","reference_id":"USN-6506-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6506-1/"},{"reference_url":"https://usn.ubuntu.com/6510-1/","reference_id":"USN-6510-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6510-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/","reference_id":"VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T20:23:50Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VZJTT5TEFNSBWVMKCLS6EZ7PI6EJYBCO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/","reference_id":"ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T20:23:50Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFDNHDH4VLFGDPY6MEZV2RO5N5FLFONW/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582675?format=json","purl":"pkg:deb/debian/apache2@2.4.58-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.58-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582458?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582459?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2023-31122"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b68y-4prb-bfdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3861?format=json","vulnerability_id":"VCID-b9ks-detx-nkdw","summary":"Server-Side Request Forgery (SSRF) in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via \nmod_rewrite or apache expressions that pass unvalidated request input.\n\nThis issue affects Apache HTTP Server: from 2.4.0 through 2.4.63.\n\nNote:  The Apache HTTP Server Project will be setting a higher bar for accepting vulnerability reports regarding SSRF via UNC paths. \n\nThe server offers limited protection against administrators directing the server to open UNC paths.\nWindows servers should limit the hosts they will connect over via SMB based on the nature of NTLM authentication.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43394.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43394.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43394","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1559","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15658","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.1603","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.1616","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16137","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16098","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.1601","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16096","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43394"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43394","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43394"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379332","reference_id":"2379332","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379332"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-43394.json","reference_id":"CVE-2024-43394","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-43394.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584090?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-43394"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b9ks-detx-nkdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3846?format=json","vulnerability_id":"VCID-bau7-pme5-ckbt","summary":"HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack.\n\nUsers are recommended to upgrade to version 2.4.59, which fixes this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24795.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24795.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24795","reference_id":"","reference_type":"","scores":[{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78267","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78264","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78289","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78271","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78219","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78249","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78231","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01123","scoring_system":"epss","scoring_elements":"0.78258","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412","reference_id":"1068412","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273499","reference_id":"2273499","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273499"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-24795.json","reference_id":"CVE-2024-24795","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-24795.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9306","reference_id":"RHSA-2024:9306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3452","reference_id":"RHSA-2025:3452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3453","reference_id":"RHSA-2025:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3453"},{"reference_url":"https://usn.ubuntu.com/6729-1/","reference_id":"USN-6729-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6729-1/"},{"reference_url":"https://usn.ubuntu.com/6729-2/","reference_id":"USN-6729-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6729-2/"},{"reference_url":"https://usn.ubuntu.com/6729-3/","reference_id":"USN-6729-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6729-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582458?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582459?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582460?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-24795"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bau7-pme5-ckbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3641?format=json","vulnerability_id":"VCID-bcmv-92ve-u7a2","summary":"A path-revealing exposure was present in multiview type map negotiation (such as the default error documents) where a module would report the full path of the typemapped .var file when multiple documents or no documents could be served. Additionally a path-revealing exposure in cgi/cgid when Apache fails to invoke a script. The modules would report \"couldn't create child process /path-to-script/script.pl\" revealing the full path of the script.","references":[{"reference_url":"http://marc.info/?l=bugtraq&m=102951160411052&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=102951160411052&w=2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0654","reference_id":"","reference_type":"","scores":[{"value":"0.75041","scoring_system":"epss","scoring_elements":"0.98872","published_at":"2026-04-13T12:55:00Z"},{"value":"0.75041","scoring_system":"epss","scoring_elements":"0.9887","published_at":"2026-04-11T12:55:00Z"},{"value":"0.75041","scoring_system":"epss","scoring_elements":"0.98871","published_at":"2026-04-12T12:55:00Z"},{"value":"0.75041","scoring_system":"epss","scoring_elements":"0.98862","published_at":"2026-04-01T12:55:00Z"},{"value":"0.75041","scoring_system":"epss","scoring_elements":"0.98864","published_at":"2026-04-02T12:55:00Z"},{"value":"0.75041","scoring_system":"epss","scoring_elements":"0.98865","published_at":"2026-04-04T12:55:00Z"},{"value":"0.75041","scoring_system":"epss","scoring_elements":"0.98867","published_at":"2026-04-09T12:55:00Z"},{"value":"0.75041","scoring_system":"epss","scoring_elements":"0.98869","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0654"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.0","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/CHANGES_2.0"},{"reference_url":"http://www.iss.net/security_center/static/9875.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.iss.net/security_center/static/9875.php"},{"reference_url":"http://www.iss.net/security_center/static/9876.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.iss.net/security_center/static/9876.php"},{"reference_url":"http://www.securityfocus.com/bid/5485","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/5485"},{"reference_url":"http://www.securityfocus.com/bid/5486","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/5486"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:win32:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.28:beta:win32:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:win32:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:beta:win32:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.32:beta:win32:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:beta:win32:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.34:beta:win32:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.34:beta:win32:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.34:beta:win32:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2002-0654.json","reference_id":"CVE-2002-0654","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2002-0654.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2002-0654","reference_id":"CVE-2002-0654","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2002-0654"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/21719.txt","reference_id":"CVE-2002-0654;OSVDB-4075","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/21719.txt"},{"reference_url":"https://www.securityfocus.com/bid/5485/info","reference_id":"CVE-2002-0654;OSVDB-4075","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/5485/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582648?format=json","purl":"pkg:deb/debian/apache2@2.0.40?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.40%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2002-0654"],"risk_score":9.0,"exploitability":"2.0","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bcmv-92ve-u7a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3681?format=json","vulnerability_id":"VCID-bfvg-u6sz-6qc6","summary":"A flaw occured when using the Apache server as a HTTP proxy. A remote attacker could send a HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, causing Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request. This could allow the bypass of web application firewall protection or lead to cross-site scripting (XSS) attacks.","references":[{"reference_url":"http://docs.info.apple.com/article.html?artnum=302847","reference_id":"","reference_type":"","scores":[],"url":"http://docs.info.apple.com/article.html?artnum=302847"},{"reference_url":"http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html"},{"reference_url":"http://marc.info/?l=apache-httpd-announce&m=112931556417329&w=3","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=apache-httpd-announce&m=112931556417329&w=3"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2088.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2088.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2088","reference_id":"","reference_type":"","scores":[{"value":"0.54293","scoring_system":"epss","scoring_elements":"0.98023","published_at":"2026-04-13T12:55:00Z"},{"value":"0.54293","scoring_system":"epss","scoring_elements":"0.98018","published_at":"2026-04-09T12:55:00Z"},{"value":"0.54293","scoring_system":"epss","scoring_elements":"0.98022","published_at":"2026-04-12T12:55:00Z"},{"value":"0.54293","scoring_system":"epss","scoring_elements":"0.98003","published_at":"2026-04-01T12:55:00Z"},{"value":"0.54293","scoring_system":"epss","scoring_elements":"0.98008","published_at":"2026-04-02T12:55:00Z"},{"value":"0.54293","scoring_system":"epss","scoring_elements":"0.98011","published_at":"2026-04-04T12:55:00Z"},{"value":"0.54293","scoring_system":"epss","scoring_elements":"0.98012","published_at":"2026-04-07T12:55:00Z"},{"value":"0.54293","scoring_system":"epss","scoring_elements":"0.98017","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2088"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2088","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2088"},{"reference_url":"http://seclists.org/lists/bugtraq/2005/Jun/0025.html","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/lists/bugtraq/2005/Jun/0025.html"},{"reference_url":"http://secunia.com/advisories/14530","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/14530"},{"reference_url":"http://secunia.com/advisories/17319","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17319"},{"reference_url":"http://secunia.com/advisories/17487","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17487"},{"reference_url":"http://secunia.com/advisories/17813","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17813"},{"reference_url":"http://secunia.com/advisories/19072","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19072"},{"reference_url":"http://secunia.com/advisories/19073","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19073"},{"reference_url":"http://secunia.com/advisories/19185","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19185"},{"reference_url":"http://secunia.com/advisories/19317","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19317"},{"reference_url":"http://secunia.com/advisories/23074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/23074"},{"reference_url":"http://securityreason.com/securityalert/604","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/604"},{"reference_url":"http://securitytracker.com/id?1014323","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1014323"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.600000","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.600000"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11452","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11452"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1237","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1237"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1526","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1526"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1629","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1629"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A840","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A840"},{"reference_url":"https://secure-support.novell.com/KanisaPlatform/Publishing/741/3222109_f.SAL_Public.html","reference_id":"","reference_type":"","scores":[],"url":"https://secure-support.novell.com/KanisaPlatform/Publishing/741/3222109_f.SAL_Public.html"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"},{"reference_url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PK13959&apar=only","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PK13959&apar=only"},{"reference_url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only"},{"reference_url":"http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00612828","reference_id":"","reference_type":"","scores":[],"url":"http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00612828"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_1.3","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/CHANGES_1.3"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.0","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/CHANGES_2.0"},{"reference_url":"http://www.debian.org/security/2005/dsa-803","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-803"},{"reference_url":"http://www.debian.org/security/2005/dsa-805","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-805"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:130","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:130"},{"reference_url":"http://www.novell.com/linux/security/advisories/2005_18_sr.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2005_18_sr.html"},{"reference_url":"http://www.novell.com/linux/security/advisories/2005_46_apache.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2005_46_apache.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2005-582.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2005-582.html"},{"reference_url":"http://www.securiteam.com/securityreviews/5GP0220G0U.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.securiteam.com/securityreviews/5GP0220G0U.html"},{"reference_url":"http://www.securityfocus.com/archive/1/428138/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/428138/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/14106","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/14106"},{"reference_url":"http://www.securityfocus.com/bid/15647","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/15647"},{"reference_url":"http://www.ubuntu.com/usn/usn-160-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-160-2"},{"reference_url":"http://www.vupen.com/english/advisories/2005/2140","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2005/2140"},{"reference_url":"http://www.vupen.com/english/advisories/2005/2659","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2005/2659"},{"reference_url":"http://www.vupen.com/english/advisories/2006/0789","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/0789"},{"reference_url":"http://www.vupen.com/english/advisories/2006/1018","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/1018"},{"reference_url":"http://www.vupen.com/english/advisories/2006/4680","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/4680"},{"reference_url":"http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf","reference_id":"","reference_type":"","scores":[],"url":"http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617682","reference_id":"1617682","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617682"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=316173","reference_id":"316173","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=316173"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-2088.json","reference_id":"CVE-2005-2088","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-2088.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2088","reference_id":"CVE-2005-2088","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2088"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:582","reference_id":"RHSA-2005:582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:582"},{"reference_url":"https://usn.ubuntu.com/160-1/","reference_id":"USN-160-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/160-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584122?format=json","purl":"pkg:deb/debian/apache2@2.0.54-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.54-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2005-2088"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bfvg-u6sz-6qc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3654?format=json","vulnerability_id":"VCID-brn7-nskr-7fcq","summary":"Apache on OS2 up to and including Apache 2.0.45 have a Denial of Service vulnerability caused by device names.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0134","reference_id":"","reference_type":"","scores":[{"value":"0.05508","scoring_system":"epss","scoring_elements":"0.90236","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05508","scoring_system":"epss","scoring_elements":"0.90192","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05508","scoring_system":"epss","scoring_elements":"0.90195","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05508","scoring_system":"epss","scoring_elements":"0.90207","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05508","scoring_system":"epss","scoring_elements":"0.90212","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05508","scoring_system":"epss","scoring_elements":"0.90228","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05508","scoring_system":"epss","scoring_elements":"0.90234","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05508","scoring_system":"epss","scoring_elements":"0.90242","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05508","scoring_system":"epss","scoring_elements":"0.90241","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0134"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0134","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0134"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2003-0134.json","reference_id":"CVE-2003-0134","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2003-0134.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582374?format=json","purl":"pkg:deb/debian/apache2@2.0.46?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.46%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2003-0134"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-brn7-nskr-7fcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3812?format=json","vulnerability_id":"VCID-bvkg-nrwd-e7g8","summary":"Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26690.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-26690.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-26690","reference_id":"","reference_type":"","scores":[{"value":"0.70379","scoring_system":"epss","scoring_elements":"0.98675","published_at":"2026-04-02T12:55:00Z"},{"value":"0.70379","scoring_system":"epss","scoring_elements":"0.98687","published_at":"2026-04-13T12:55:00Z"},{"value":"0.70379","scoring_system":"epss","scoring_elements":"0.98682","published_at":"2026-04-08T12:55:00Z"},{"value":"0.70379","scoring_system":"epss","scoring_elements":"0.98683","published_at":"2026-04-09T12:55:00Z"},{"value":"0.70379","scoring_system":"epss","scoring_elements":"0.98685","published_at":"2026-04-12T12:55:00Z"},{"value":"0.70379","scoring_system":"epss","scoring_elements":"0.98678","published_at":"2026-04-04T12:55:00Z"},{"value":"0.70379","scoring_system":"epss","scoring_elements":"0.98681","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-26690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966729","reference_id":"1966729","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966729"},{"reference_url":"https://security.archlinux.org/AVG-2053","reference_id":"AVG-2053","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2053"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-26690.json","reference_id":"CVE-2021-26690","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-26690.json"},{"reference_url":"https://security.gentoo.org/glsa/202107-38","reference_id":"GLSA-202107-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-38"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4257","reference_id":"RHSA-2021:4257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4613","reference_id":"RHSA-2021:4613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4614","reference_id":"RHSA-2021:4614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4614"},{"reference_url":"https://usn.ubuntu.com/4994-1/","reference_id":"USN-4994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4994-1/"},{"reference_url":"https://usn.ubuntu.com/4994-2/","reference_id":"USN-4994-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4994-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585157?format=json","purl":"pkg:deb/debian/apache2@2.4.46-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.46-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-26690"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bvkg-nrwd-e7g8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3642?format=json","vulnerability_id":"VCID-cgqk-f3fx-sfe9","summary":"Certain URIs would bypass security and allow users to invoke or access any file depending on the system configuration. Affects Windows, OS2, Netware and Cygwin platforms only.","references":[{"reference_url":"http://httpd.apache.org/info/security_bulletin_20020908a.txt","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/info/security_bulletin_20020908a.txt"},{"reference_url":"http://marc.info/?l=bugtraq&m=102892744011436&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=102892744011436&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=102951160411052&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=102951160411052&w=2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0661","reference_id":"","reference_type":"","scores":[{"value":"0.91312","scoring_system":"epss","scoring_elements":"0.99652","published_at":"2026-04-04T12:55:00Z"},{"value":"0.91312","scoring_system":"epss","scoring_elements":"0.99654","published_at":"2026-04-08T12:55:00Z"},{"value":"0.91312","scoring_system":"epss","scoring_elements":"0.99655","published_at":"2026-04-13T12:55:00Z"},{"value":"0.91312","scoring_system":"epss","scoring_elements":"0.99651","published_at":"2026-04-02T12:55:00Z"},{"value":"0.91312","scoring_system":"epss","scoring_elements":"0.99653","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0661"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0661","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0661"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"http://www.iss.net/security_center/static/9808.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.iss.net/security_center/static/9808.php"},{"reference_url":"http://www.securityfocus.com/bid/5434","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/5434"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:win32:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.28:beta:win32:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:win32:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:beta:win32:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.32:beta:win32:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:beta:win32:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.34:beta:win32:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.34:beta:win32:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.34:beta:win32:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2002-0661.json","reference_id":"CVE-2002-0661","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2002-0661.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2002-0661","reference_id":"CVE-2002-0661","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2002-0661"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/21697.txt","reference_id":"CVE-2002-0661;OSVDB-859","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/21697.txt"},{"reference_url":"https://www.securityfocus.com/bid/5434/info","reference_id":"CVE-2002-0661;OSVDB-859","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/5434/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582648?format=json","purl":"pkg:deb/debian/apache2@2.0.40?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.40%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2002-0661"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cgqk-f3fx-sfe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3725?format=json","vulnerability_id":"VCID-cn4b-1w42-gyda","summary":"An information disclosure flaw was found in mod_proxy_http in version 2.2.9 only, on Unix platforms. Under certain timeout conditions, the server could return a response intended for another user. Only those configurations which trigger the use of proxy worker pools are affected. There was no vulnerability on earlier versions, as proxy pools were not yet introduced. The simplest workaround is to globally configure:\nSetEnv proxy-nokeepalive 1","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2791.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2791.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2791","reference_id":"","reference_type":"","scores":[{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83967","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83897","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83977","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83971","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83912","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83928","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83931","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83954","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02076","scoring_system":"epss","scoring_elements":"0.83961","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2791"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/60883","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/60883"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/07/30/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/07/30/1"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0659.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2010-0659.html"},{"reference_url":"http://www.securityfocus.com/bid/42102","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/42102"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=617523","reference_id":"617523","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=617523"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-2791.json","reference_id":"CVE-2010-2791","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-2791.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2791","reference_id":"CVE-2010-2791","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2791"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0659","reference_id":"RHSA-2010:0659","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0659"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583806?format=json","purl":"pkg:deb/debian/apache2@2.2.9-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.9-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2010-2791"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cn4b-1w42-gyda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3824?format=json","vulnerability_id":"VCID-cqjv-6m9n-mfeq","summary":"A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery).\n\nThis issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44224.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44224.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44224","reference_id":"","reference_type":"","scores":[{"value":"0.1096","scoring_system":"epss","scoring_elements":"0.93382","published_at":"2026-04-01T12:55:00Z"},{"value":"0.1096","scoring_system":"epss","scoring_elements":"0.93414","published_at":"2026-04-12T12:55:00Z"},{"value":"0.1096","scoring_system":"epss","scoring_elements":"0.93409","published_at":"2026-04-09T12:55:00Z"},{"value":"0.1096","scoring_system":"epss","scoring_elements":"0.93415","published_at":"2026-04-13T12:55:00Z"},{"value":"0.1096","scoring_system":"epss","scoring_elements":"0.9339","published_at":"2026-04-02T12:55:00Z"},{"value":"0.1096","scoring_system":"epss","scoring_elements":"0.93398","published_at":"2026-04-07T12:55:00Z"},{"value":"0.1096","scoring_system":"epss","scoring_elements":"0.93406","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44224"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2034672","reference_id":"2034672","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2034672"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-44224.json","reference_id":"CVE-2021-44224","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-44224.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1915","reference_id":"RHSA-2022:1915","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1915"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7143","reference_id":"RHSA-2022:7143","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7143"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7144","reference_id":"RHSA-2022:7144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7144"},{"reference_url":"https://usn.ubuntu.com/5212-1/","reference_id":"USN-5212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5212-1/"},{"reference_url":"https://usn.ubuntu.com/5212-2/","reference_id":"USN-5212-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5212-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583700?format=json","purl":"pkg:deb/debian/apache2@2.4.52-1~deb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.52-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583701?format=json","purl":"pkg:deb/debian/apache2@2.4.52-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.52-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-44224"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cqjv-6m9n-mfeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3787?format=json","vulnerability_id":"VCID-ct26-19cq-8kd7","summary":"In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17199.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17199.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17199","reference_id":"","reference_type":"","scores":[{"value":"0.10459","scoring_system":"epss","scoring_elements":"0.93208","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10459","scoring_system":"epss","scoring_elements":"0.93236","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10459","scoring_system":"epss","scoring_elements":"0.9322","published_at":"2026-04-07T12:55:00Z"},{"value":"0.10459","scoring_system":"epss","scoring_elements":"0.93228","published_at":"2026-04-08T12:55:00Z"},{"value":"0.10459","scoring_system":"epss","scoring_elements":"0.93233","published_at":"2026-04-09T12:55:00Z"},{"value":"0.10459","scoring_system":"epss","scoring_elements":"0.93237","published_at":"2026-04-11T12:55:00Z"},{"value":"0.10459","scoring_system":"epss","scoring_elements":"0.93234","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10459","scoring_system":"epss","scoring_elements":"0.93217","published_at":"2026-04-02T12:55:00Z"},{"value":"0.10459","scoring_system":"epss","scoring_elements":"0.93222","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17199"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00024.html"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/5","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Apr/5"},{"reference_url":"https://security.gentoo.org/glsa/201903-21","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201903-21"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190125-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190125-0001/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us"},{"reference_url":"https://www.debian.org/security/2019/dsa-4422","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4422"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"https://www.tenable.com/security/tns-2019-09","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2019-09"},{"reference_url":"http://www.securityfocus.com/bid/106742","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106742"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1668493","reference_id":"1668493","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1668493"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920303","reference_id":"920303","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920303"},{"reference_url":"https://security.archlinux.org/ASA-201901-14","reference_id":"ASA-201901-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201901-14"},{"reference_url":"https://security.archlinux.org/AVG-857","reference_id":"AVG-857","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-857"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2018-17199.json","reference_id":"CVE-2018-17199","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2018-17199.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-17199","reference_id":"CVE-2018-17199","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-17199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3932","reference_id":"RHSA-2019:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3933","reference_id":"RHSA-2019:3933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3935","reference_id":"RHSA-2019:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4126","reference_id":"RHSA-2019:4126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1121","reference_id":"RHSA-2020:1121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1809","reference_id":"RHSA-2021:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1809"},{"reference_url":"https://usn.ubuntu.com/3937-1/","reference_id":"USN-3937-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3937-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582791?format=json","purl":"pkg:deb/debian/apache2@2.4.38-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2018-17199"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ct26-19cq-8kd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3834?format=json","vulnerability_id":"VCID-d36c-rrxh-ybgv","summary":"In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29404.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29404.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29404","reference_id":"","reference_type":"","scores":[{"value":"0.0232","scoring_system":"epss","scoring_elements":"0.84797","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0232","scoring_system":"epss","scoring_elements":"0.84788","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0232","scoring_system":"epss","scoring_elements":"0.84806","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0232","scoring_system":"epss","scoring_elements":"0.84802","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0232","scoring_system":"epss","scoring_elements":"0.84738","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0232","scoring_system":"epss","scoring_elements":"0.84757","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0232","scoring_system":"epss","scoring_elements":"0.84759","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0232","scoring_system":"epss","scoring_elements":"0.84781","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513","reference_id":"1012513","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095012","reference_id":"2095012","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095012"},{"reference_url":"https://security.archlinux.org/AVG-2763","reference_id":"AVG-2763","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2763"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-29404.json","reference_id":"CVE-2022-29404","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2022-29404.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7647","reference_id":"RHSA-2022:7647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8067","reference_id":"RHSA-2022:8067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8067"},{"reference_url":"https://usn.ubuntu.com/5487-1/","reference_id":"USN-5487-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-1/"},{"reference_url":"https://usn.ubuntu.com/5487-3/","reference_id":"USN-5487-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583306?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583307?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-29404"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d36c-rrxh-ybgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3734?format=json","vulnerability_id":"VCID-d4rc-pnv5-6uc8","summary":"A flaw was found in the default error response for status code 400. This flaw could be used by an attacker to expose \"httpOnly\" cookies when no custom ErrorDocument is specified.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0053","reference_id":"","reference_type":"","scores":[{"value":"0.55955","scoring_system":"epss","scoring_elements":"0.98088","published_at":"2026-04-07T12:55:00Z"},{"value":"0.55955","scoring_system":"epss","scoring_elements":"0.98081","published_at":"2026-04-01T12:55:00Z"},{"value":"0.55955","scoring_system":"epss","scoring_elements":"0.98084","published_at":"2026-04-02T12:55:00Z"},{"value":"0.55955","scoring_system":"epss","scoring_elements":"0.981","published_at":"2026-04-13T12:55:00Z"},{"value":"0.55955","scoring_system":"epss","scoring_elements":"0.98093","published_at":"2026-04-09T12:55:00Z"},{"value":"0.55955","scoring_system":"epss","scoring_elements":"0.98099","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=785069","reference_id":"785069","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=785069"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-0053.json","reference_id":"CVE-2012-0053","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-0053.json"},{"reference_url":"https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08","reference_id":"CVE-2012-0053;OSVDB-78556","reference_type":"exploit","scores":[],"url":"https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html","reference_id":"CVE-2012-0053;OSVDB-78556","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0323","reference_id":"RHSA-2012:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584769?format=json","purl":"pkg:deb/debian/apache2@2.2.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2012-0053"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d4rc-pnv5-6uc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3640?format=json","vulnerability_id":"VCID-d5w4-vnbd-afdj","summary":"Malicious requests can cause various effects ranging from a relatively harmless increase in system resources through to denial of service attacks and in some cases the ability to execute arbitrary remote code.","references":[{"reference_url":"ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-029.0.txt","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-029.0.txt"},{"reference_url":"ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.32","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.32"},{"reference_url":"ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.31"},{"reference_url":"ftp://patches.sgi.com/support/free/security/advisories/20020605-01-A","reference_id":"","reference_type":"","scores":[],"url":"ftp://patches.sgi.com/support/free/security/advisories/20020605-01-A"},{"reference_url":"ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I","reference_id":"","reference_type":"","scores":[],"url":"ftp://patches.sgi.com/support/free/security/advisories/20020605-01-I"},{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2002-06/0235.html","reference_id":"","reference_type":"","scores":[],"url":"http://archives.neohapsis.com/archives/bugtraq/2002-06/0235.html"},{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2002-06/0266.html","reference_id":"","reference_type":"","scores":[],"url":"http://archives.neohapsis.com/archives/bugtraq/2002-06/0266.html"},{"reference_url":"http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000498","reference_id":"","reference_type":"","scores":[],"url":"http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000498"},{"reference_url":"http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:039","reference_id":"","reference_type":"","scores":[],"url":"http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:039"},{"reference_url":"http://httpd.apache.org/info/security_bulletin_20020617.txt","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/info/security_bulletin_20020617.txt"},{"reference_url":"http://online.securityfocus.com/advisories/4240","reference_id":"","reference_type":"","scores":[],"url":"http://online.securityfocus.com/advisories/4240"},{"reference_url":"http://online.securityfocus.com/advisories/4257","reference_id":"","reference_type":"","scores":[],"url":"http://online.securityfocus.com/advisories/4257"},{"reference_url":"http://online.securityfocus.com/archive/1/278149","reference_id":"","reference_type":"","scores":[],"url":"http://online.securityfocus.com/archive/1/278149"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2002-103.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2002-103.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2002-117.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2002-117.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2002-118.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2002-118.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0392.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0392","reference_id":"","reference_type":"","scores":[{"value":"0.53887","scoring_system":"epss","scoring_elements":"0.98007","published_at":"2026-04-13T12:55:00Z"},{"value":"0.53887","scoring_system":"epss","scoring_elements":"0.98001","published_at":"2026-04-09T12:55:00Z"},{"value":"0.53887","scoring_system":"epss","scoring_elements":"0.98005","published_at":"2026-04-11T12:55:00Z"},{"value":"0.53887","scoring_system":"epss","scoring_elements":"0.98006","published_at":"2026-04-12T12:55:00Z"},{"value":"0.53887","scoring_system":"epss","scoring_elements":"0.97986","published_at":"2026-04-01T12:55:00Z"},{"value":"0.53887","scoring_system":"epss","scoring_elements":"0.97991","published_at":"2026-04-02T12:55:00Z"},{"value":"0.53887","scoring_system":"epss","scoring_elements":"0.97993","published_at":"2026-04-04T12:55:00Z"},{"value":"0.53887","scoring_system":"epss","scoring_elements":"0.97995","published_at":"2026-04-07T12:55:00Z"},{"value":"0.53887","scoring_system":"epss","scoring_elements":"0.97999","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0392"},{"reference_url":"http://secunia.com/advisories/21917","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/21917"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475","reference_id":"","reference_type":"","scores":[],"url":"http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000083816475"},{"reference_url":"http://www.cert.org/advisories/CA-2002-17.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.cert.org/advisories/CA-2002-17.html"},{"reference_url":"http://www.debian.org/security/2002/dsa-131","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2002/dsa-131"},{"reference_url":"http://www.debian.org/security/2002/dsa-132","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2002/dsa-132"},{"reference_url":"http://www.debian.org/security/2002/dsa-133","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2002/dsa-133"},{"reference_url":"http://www.frsirt.com/english/advisories/2006/3598","reference_id":"","reference_type":"","scores":[],"url":"http://www.frsirt.com/english/advisories/2006/3598"},{"reference_url":"http://www.iss.net/security_center/static/9249.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.iss.net/security_center/static/9249.php"},{"reference_url":"http://www.kb.cert.org/vuls/id/944335","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/944335"},{"reference_url":"http://www.linuxsecurity.com/advisories/other_advisory-2137.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.linuxsecurity.com/advisories/other_advisory-2137.html"},{"reference_url":"http://www.novell.com/linux/security/advisories/2002_22_apache.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2002_22_apache.html"},{"reference_url":"http://www.osvdb.org/838","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/838"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2002-126.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2002-126.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2002-150.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2002-150.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2003-106.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2003-106.html"},{"reference_url":"http://www.securityfocus.com/bid/20005","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/20005"},{"reference_url":"http://www.securityfocus.com/bid/5033","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/5033"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616772","reference_id":"1616772","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616772"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2002-0392.json","reference_id":"CVE-2002-0392","reference_type":"","scores":[{"value":"critical","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2002-0392.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2002-0392","reference_id":"CVE-2002-0392","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2002-0392"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/21559.c","reference_id":"CVE-2002-0392;OSVDB-838","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/21559.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/21560.c","reference_id":"CVE-2002-0392;OSVDB-838","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/21560.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/remote/16782.rb","reference_id":"CVE-2002-0392;OSVDB-838","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/remote/16782.rb"},{"reference_url":"https://www.securityfocus.com/bid/5033/info","reference_id":"CVE-2002-0392;OSVDB-838","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/5033/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:103","reference_id":"RHSA-2002:103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:117","reference_id":"RHSA-2002:117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:118","reference_id":"RHSA-2002:118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:126","reference_id":"RHSA-2002:126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:150","reference_id":"RHSA-2002:150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:106","reference_id":"RHSA-2003:106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:106"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584609?format=json","purl":"pkg:deb/debian/apache2@2.0.37?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.37%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2002-0392"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d5w4-vnbd-afdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90323?format=json","vulnerability_id":"VCID-d645-msqp-9fby","summary":"Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument.  NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program.  Therefore this may not be a vulnerability.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2005/May/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2005/May/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1344.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1344.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1344","reference_id":"","reference_type":"","scores":[{"value":"0.12886","scoring_system":"epss","scoring_elements":"0.94052","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12886","scoring_system":"epss","scoring_elements":"0.94011","published_at":"2026-04-01T12:55:00Z"},{"value":"0.12886","scoring_system":"epss","scoring_elements":"0.94022","published_at":"2026-04-02T12:55:00Z"},{"value":"0.12886","scoring_system":"epss","scoring_elements":"0.94032","published_at":"2026-04-04T12:55:00Z"},{"value":"0.12886","scoring_system":"epss","scoring_elements":"0.94035","published_at":"2026-04-07T12:55:00Z"},{"value":"0.12886","scoring_system":"epss","scoring_elements":"0.94043","published_at":"2026-04-08T12:55:00Z"},{"value":"0.12886","scoring_system":"epss","scoring_elements":"0.94047","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1344"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1344","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1344"},{"reference_url":"http://www.lucaercoli.it/advs/htdigest.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.lucaercoli.it/advs/htdigest.txt"},{"reference_url":"http://www.osvdb.org/12848","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/12848"},{"reference_url":"http://www.securiteam.com/unixfocus/5EP061FEKC.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.securiteam.com/unixfocus/5EP061FEKC.html"},{"reference_url":"http://www.securityfocus.com/bid/13537","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/13537"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322604","reference_id":"322604","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322604"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1344","reference_id":"CVE-2005-1344","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1344"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/25624.c","reference_id":"CVE-2005-1344;OSVDB-12848","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/25624.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/25625.c","reference_id":"CVE-2005-1344;OSVDB-12848","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/25625.c"},{"reference_url":"https://www.securityfocus.com/bid/13537/info","reference_id":"CVE-2005-1344;OSVDB-12848","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/13537/info"},{"reference_url":"https://usn.ubuntu.com/120-1/","reference_id":"USN-120-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/120-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586116?format=json","purl":"pkg:deb/debian/apache2@2.0.54-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.54-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2005-1344"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d645-msqp-9fby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3680?format=json","vulnerability_id":"VCID-d66x-55ub-vkfw","summary":"An off-by-one stack overflow was discovered in the mod_ssl CRL verification callback. In order to exploit this issue the Apache server would need to be configured to use a malicious certificate revocation list (CRL)","references":[{"reference_url":"http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2005-582.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2005-582.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1268.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1268.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1268","reference_id":"","reference_type":"","scores":[{"value":"0.04266","scoring_system":"epss","scoring_elements":"0.88831","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04266","scoring_system":"epss","scoring_elements":"0.88823","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04266","scoring_system":"epss","scoring_elements":"0.88836","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04266","scoring_system":"epss","scoring_elements":"0.88774","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04266","scoring_system":"epss","scoring_elements":"0.88783","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04266","scoring_system":"epss","scoring_elements":"0.88798","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04266","scoring_system":"epss","scoring_elements":"0.88801","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04266","scoring_system":"epss","scoring_elements":"0.88818","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1268"},{"reference_url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163013","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=163013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1268","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1268"},{"reference_url":"http://secunia.com/advisories/19072","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19072"},{"reference_url":"http://secunia.com/advisories/19185","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19185"},{"reference_url":"http://securityreason.com/securityalert/604","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/604"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1346","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1346"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1714","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1714"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1747","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1747"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9589","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9589"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"},{"reference_url":"http://www.debian.org/security/2005/dsa-805","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-805"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:129","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:129"},{"reference_url":"http://www.novell.com/linux/security/advisories/2005_18_sr.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2005_18_sr.html"},{"reference_url":"http://www.novell.com/linux/security/advisories/2005_46_apache.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2005_46_apache.html"},{"reference_url":"http://www.securityfocus.com/archive/1/428138/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/428138/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/14366","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/14366"},{"reference_url":"http://www.vupen.com/english/advisories/2006/0789","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/0789"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617625","reference_id":"1617625","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617625"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=320048","reference_id":"320048","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=320048"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-1268.json","reference_id":"CVE-2005-1268","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-1268.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1268","reference_id":"CVE-2005-1268","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-1268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:582","reference_id":"RHSA-2005:582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:582"},{"reference_url":"https://usn.ubuntu.com/160-1/","reference_id":"USN-160-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/160-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584122?format=json","purl":"pkg:deb/debian/apache2@2.0.54-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.54-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2005-1268"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d66x-55ub-vkfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49477?format=json","vulnerability_id":"VCID-d83x-xe6y-dufr","summary":"Multiple vulnerabilities have been discovered in Apache.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6203.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6203.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6203","reference_id":"","reference_type":"","scores":[{"value":"0.73143","scoring_system":"epss","scoring_elements":"0.98777","published_at":"2026-04-01T12:55:00Z"},{"value":"0.73143","scoring_system":"epss","scoring_elements":"0.98778","published_at":"2026-04-02T12:55:00Z"},{"value":"0.73143","scoring_system":"epss","scoring_elements":"0.98781","published_at":"2026-04-04T12:55:00Z"},{"value":"0.73143","scoring_system":"epss","scoring_elements":"0.98784","published_at":"2026-04-09T12:55:00Z"},{"value":"0.73143","scoring_system":"epss","scoring_elements":"0.98785","published_at":"2026-04-08T12:55:00Z"},{"value":"0.73543","scoring_system":"epss","scoring_elements":"0.98803","published_at":"2026-04-11T12:55:00Z"},{"value":"0.73543","scoring_system":"epss","scoring_elements":"0.98804","published_at":"2026-04-12T12:55:00Z"},{"value":"0.73543","scoring_system":"epss","scoring_elements":"0.98805","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=409831","reference_id":"409831","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=409831"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/30835.sh","reference_id":"CVE-2007-6203;OSVDB-39003","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/30835.sh"},{"reference_url":"https://www.securityfocus.com/bid/26663/info","reference_id":"CVE-2007-6203;OSVDB-39003","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/26663/info"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://usn.ubuntu.com/731-1/","reference_id":"USN-731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/731-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582273?format=json","purl":"pkg:deb/debian/apache2@2.2.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-6203"],"risk_score":1.4,"exploitability":"2.0","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d83x-xe6y-dufr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3816?format=json","vulnerability_id":"VCID-db6k-j9mj-e7hy","summary":"A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning.\n\nThis issue affects Apache HTTP Server 2.4.17 to 2.4.48.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33193.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33193.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33193","reference_id":"","reference_type":"","scores":[{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72839","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.729","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72879","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72892","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72917","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72846","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72866","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72841","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33193"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966728","reference_id":"1966728","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966728"},{"reference_url":"https://security.archlinux.org/AVG-2289","reference_id":"AVG-2289","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2289"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-33193.json","reference_id":"CVE-2021-33193","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-33193.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1915","reference_id":"RHSA-2022:1915","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1915"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7143","reference_id":"RHSA-2022:7143","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7143"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7144","reference_id":"RHSA-2022:7144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7144"},{"reference_url":"https://usn.ubuntu.com/5090-1/","reference_id":"USN-5090-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5090-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585953?format=json","purl":"pkg:deb/debian/apache2@2.4.48-3.1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.48-3.1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585954?format=json","purl":"pkg:deb/debian/apache2@2.4.48-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.48-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-33193"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-db6k-j9mj-e7hy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3831?format=json","vulnerability_id":"VCID-dg2r-uz3a-dug5","summary":"Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28330.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28330","reference_id":"","reference_type":"","scores":[{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68086","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68133","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.6812","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68045","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68064","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68043","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68094","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00555","scoring_system":"epss","scoring_elements":"0.68109","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28330"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095000","reference_id":"2095000","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095000"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-28330.json","reference_id":"CVE-2022-28330","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2022-28330.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-28330"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dg2r-uz3a-dug5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3696?format=json","vulnerability_id":"VCID-dqkp-f1my-dbg9","summary":"A flaw was found in the mod_imagemap module. On sites where mod_imagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5000.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5000","reference_id":"","reference_type":"","scores":[{"value":"0.7731","scoring_system":"epss","scoring_elements":"0.98975","published_at":"2026-04-07T12:55:00Z"},{"value":"0.7731","scoring_system":"epss","scoring_elements":"0.98968","published_at":"2026-04-01T12:55:00Z"},{"value":"0.7731","scoring_system":"epss","scoring_elements":"0.9897","published_at":"2026-04-02T12:55:00Z"},{"value":"0.7731","scoring_system":"epss","scoring_elements":"0.98972","published_at":"2026-04-04T12:55:00Z"},{"value":"0.78073","scoring_system":"epss","scoring_elements":"0.99015","published_at":"2026-04-13T12:55:00Z"},{"value":"0.78073","scoring_system":"epss","scoring_elements":"0.99012","published_at":"2026-04-09T12:55:00Z"},{"value":"0.78073","scoring_system":"epss","scoring_elements":"0.99013","published_at":"2026-04-11T12:55:00Z"},{"value":"0.78073","scoring_system":"epss","scoring_elements":"0.99014","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=419931","reference_id":"419931","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=419931"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-5000.json","reference_id":"CVE-2007-5000","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-5000.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0007","reference_id":"RHSA-2008:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0263","reference_id":"RHSA-2008:0263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583259?format=json","purl":"pkg:deb/debian/apache2@2.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-5000"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dqkp-f1my-dbg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3724?format=json","vulnerability_id":"VCID-drp9-bvkd-4kaq","summary":"An information disclosure flaw was found in mod_proxy_http in versions 2.2.9 through 2.2.15, 2.3.4-alpha and 2.3.5-alpha. Under certain timeout conditions, the server could return a response intended for another user. Only Windows, Netware and OS2 operating systems are affected. Only those configurations which trigger the use of proxy worker pools are affected. There was no vulnerability on earlier versions, as proxy pools were not yet introduced.\nThe simplest workaround is to globally configure;\nSetEnv proxy-nokeepalive 1","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"},{"reference_url":"http://mail-archives.apache.org/mod_mbox/httpd-announce/201006.mbox/%3C4C12933D.4060400%40apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"http://mail-archives.apache.org/mod_mbox/httpd-announce/201006.mbox/%3C4C12933D.4060400%40apache.org%3E"},{"reference_url":"http://marc.info/?l=apache-announce&m=128009718610929&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=apache-announce&m=128009718610929&w=2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2068","reference_id":"","reference_type":"","scores":[{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.9239","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.9235","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92389","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92392","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92356","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92363","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92367","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92379","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08537","scoring_system":"epss","scoring_elements":"0.92384","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2068"},{"reference_url":"http://secunia.com/advisories/40206","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/40206"},{"reference_url":"http://secunia.com/advisories/40824","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/40824"},{"reference_url":"http://secunia.com/advisories/41480","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/41480"},{"reference_url":"http://secunia.com/advisories/41490","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/41490"},{"reference_url":"http://secunia.com/advisories/41722","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/41722"},{"reference_url":"http://securitytracker.com/id?1024096","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1024096"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/59413","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/59413"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11491","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11491"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6931","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6931"},{"reference_url":"http://support.apple.com/kb/HT4581","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT4581"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=nas352ca0ac9460f9b8886257777005dd0e4","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=nas352ca0ac9460f9b8886257777005dd0e4"},{"reference_url":"http://www.apache.org/dist/httpd/patches/apply_to_2.2.15/CVE-2010-2068-r953616.patch","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/patches/apply_to_2.2.15/CVE-2010-2068-r953616.patch"},{"reference_url":"http://www.apache.org/dist/httpd/patches/apply_to_2.3.5/CVE-2010-2068-r953418.patch","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/patches/apply_to_2.3.5/CVE-2010-2068-r953418.patch"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=swg1PM16366","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=swg1PM16366"},{"reference_url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995","reference_id":"","reference_type":"","scores":[],"url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html"},{"reference_url":"http://www.securityfocus.com/archive/1/511809/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/511809/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/40827","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/40827"},{"reference_url":"http://www.vupen.com/english/advisories/2010/1436","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/1436"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.3.4:alpha:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.3.4:alpha:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.3.4:alpha:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.3.5:alpha:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.3.5:alpha:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.3.5:alpha:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-2068.json","reference_id":"CVE-2010-2068","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-2068.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2068","reference_id":"CVE-2010-2068","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2068"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2010-2068"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-drp9-bvkd-4kaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3785?format=json","vulnerability_id":"VCID-e3jc-83a7-8uhh","summary":"By sending continous SETTINGS frames of maximum size an ongoing HTTP/2 connection could be kept busy and would never time out. This can be abused for a DoS on the server. This only affect a server that has enabled the h2 protocol.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11763.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11763.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11763","reference_id":"","reference_type":"","scores":[{"value":"0.17401","scoring_system":"epss","scoring_elements":"0.95033","published_at":"2026-04-01T12:55:00Z"},{"value":"0.17401","scoring_system":"epss","scoring_elements":"0.95068","published_at":"2026-04-13T12:55:00Z"},{"value":"0.17401","scoring_system":"epss","scoring_elements":"0.95064","published_at":"2026-04-11T12:55:00Z"},{"value":"0.17401","scoring_system":"epss","scoring_elements":"0.95065","published_at":"2026-04-12T12:55:00Z"},{"value":"0.17401","scoring_system":"epss","scoring_elements":"0.95044","published_at":"2026-04-02T12:55:00Z"},{"value":"0.17401","scoring_system":"epss","scoring_elements":"0.95045","published_at":"2026-04-04T12:55:00Z"},{"value":"0.17401","scoring_system":"epss","scoring_elements":"0.95047","published_at":"2026-04-07T12:55:00Z"},{"value":"0.17401","scoring_system":"epss","scoring_elements":"0.95055","published_at":"2026-04-08T12:55:00Z"},{"value":"0.17401","scoring_system":"epss","scoring_elements":"0.95058","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11763"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1633399","reference_id":"1633399","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1633399"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909591","reference_id":"909591","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909591"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2018-11763.json","reference_id":"CVE-2018-11763","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2018-11763.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0366","reference_id":"RHSA-2019:0366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0367","reference_id":"RHSA-2019:0367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0367"},{"reference_url":"https://usn.ubuntu.com/3783-1/","reference_id":"USN-3783-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3783-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584544?format=json","purl":"pkg:deb/debian/apache2@2.4.35-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.35-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2018-11763"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e3jc-83a7-8uhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3840?format=json","vulnerability_id":"VCID-edvy-cern-6kcu","summary":"Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.\n\n\n\n\nConfigurations are affected when mod_proxy is enabled along with some form of RewriteRule\n or ProxyPassMatch in which a non-specific pattern matches\n some portion of the user-supplied request-target (URL) data and is then\n re-inserted into the proxied request-target using variable \nsubstitution. For example, something like:\n\n\n\n\nRewriteEngine on\nRewriteRule \"^/here/(.*)\" \"http://example.com:8080/elsewhere?$1\"; [P]\nProxyPassReverse /here/ http://example.com:8080/\n\n\nRequest splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25690.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25690.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25690","reference_id":"","reference_type":"","scores":[{"value":"0.68183","scoring_system":"epss","scoring_elements":"0.98587","published_at":"2026-04-02T12:55:00Z"},{"value":"0.68183","scoring_system":"epss","scoring_elements":"0.98591","published_at":"2026-04-04T12:55:00Z"},{"value":"0.68183","scoring_system":"epss","scoring_elements":"0.98592","published_at":"2026-04-07T12:55:00Z"},{"value":"0.68183","scoring_system":"epss","scoring_elements":"0.98595","published_at":"2026-04-08T12:55:00Z"},{"value":"0.68183","scoring_system":"epss","scoring_elements":"0.98596","published_at":"2026-04-09T12:55:00Z"},{"value":"0.68183","scoring_system":"epss","scoring_elements":"0.98598","published_at":"2026-04-11T12:55:00Z"},{"value":"0.68183","scoring_system":"epss","scoring_elements":"0.98599","published_at":"2026-04-12T12:55:00Z"},{"value":"0.68183","scoring_system":"epss","scoring_elements":"0.986","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032476","reference_id":"1032476","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032476"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2176209","reference_id":"2176209","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2176209"},{"reference_url":"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html","reference_id":"Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:37:02Z/"}],"url":"http://packetstormsecurity.com/files/176334/Apache-2.4.55-mod_proxy-HTTP-Request-Smuggling.html"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2023-25690.json","reference_id":"CVE-2023-25690","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2023-25690.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1547","reference_id":"RHSA-2023:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1547"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1593","reference_id":"RHSA-2023:1593","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1593"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1596","reference_id":"RHSA-2023:1596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1596"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1597","reference_id":"RHSA-2023:1597","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1670","reference_id":"RHSA-2023:1670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1672","reference_id":"RHSA-2023:1672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1673","reference_id":"RHSA-2023:1673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1916","reference_id":"RHSA-2023:1916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1916"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3292","reference_id":"RHSA-2023:3292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://usn.ubuntu.com/5942-1/","reference_id":"USN-5942-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5942-1/"},{"reference_url":"https://usn.ubuntu.com/5942-2/","reference_id":"USN-5942-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5942-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582332?format=json","purl":"pkg:deb/debian/apache2@2.4.56-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.56-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585553?format=json","purl":"pkg:deb/debian/apache2@2.4.56-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.56-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2023-25690"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-edvy-cern-6kcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3805?format=json","vulnerability_id":"VCID-eesz-v6ae-gya3","summary":"In Apache HTTP Server versions 2.4.20 to 2.4.43, a specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via \"H2Push off\" will mitigate this vulnerability for unpatched servers.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9490.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9490.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9490","reference_id":"","reference_type":"","scores":[{"value":"0.76276","scoring_system":"epss","scoring_elements":"0.98919","published_at":"2026-04-01T12:55:00Z"},{"value":"0.76276","scoring_system":"epss","scoring_elements":"0.98929","published_at":"2026-04-13T12:55:00Z"},{"value":"0.76276","scoring_system":"epss","scoring_elements":"0.98926","published_at":"2026-04-09T12:55:00Z"},{"value":"0.76276","scoring_system":"epss","scoring_elements":"0.98928","published_at":"2026-04-11T12:55:00Z"},{"value":"0.76276","scoring_system":"epss","scoring_elements":"0.9892","published_at":"2026-04-02T12:55:00Z"},{"value":"0.76276","scoring_system":"epss","scoring_elements":"0.98922","published_at":"2026-04-04T12:55:00Z"},{"value":"0.76276","scoring_system":"epss","scoring_elements":"0.98925","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-9490"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1866560","reference_id":"1866560","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1866560"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2020-9490.json","reference_id":"CVE-2020-9490","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2020-9490.json"},{"reference_url":"https://security.gentoo.org/glsa/202008-04","reference_id":"GLSA-202008-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3714","reference_id":"RHSA-2020:3714","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3726","reference_id":"RHSA-2020:3726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3733","reference_id":"RHSA-2020:3733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3734","reference_id":"RHSA-2020:3734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3734"},{"reference_url":"https://usn.ubuntu.com/4458-1/","reference_id":"USN-4458-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4458-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585940?format=json","purl":"pkg:deb/debian/apache2@2.4.46-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.46-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2020-9490"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eesz-v6ae-gya3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3738?format=json","vulnerability_id":"VCID-ehff-j1pz-b7e8","summary":"The modules mod_proxy_ajp and mod_proxy_http did not always close the connection to the back end server when necessary as part of error handling. This could lead to an information disclosure due to a response mixup between users.","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30%40apache.org%3E"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3502.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3502.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3502","reference_id":"","reference_type":"","scores":[{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88073","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88014","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88079","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88072","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88023","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88037","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88044","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88063","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88069","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3502"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.4.3","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/CHANGES_2.4.3"},{"reference_url":"http://www.securityfocus.com/bid/55131","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/55131"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=850776","reference_id":"850776","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=850776"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-3502.json","reference_id":"CVE-2012-3502","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-3502.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3502","reference_id":"CVE-2012-3502","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3502"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2012-3502"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ehff-j1pz-b7e8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3791?format=json","vulnerability_id":"VCID-ehv1-yvpu-ubcg","summary":"In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html"},{"reference_url":"http://packetstormsecurity.com/files/152386/Apache-2.4.38-Root-Privilege-Escalation.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"http://packetstormsecurity.com/files/152386/Apache-2.4.38-Root-Privilege-Escalation.html"},{"reference_url":"http://packetstormsecurity.com/files/152415/Slackware-Security-Advisory-httpd-Updates.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"http://packetstormsecurity.com/files/152415/Slackware-Security-Advisory-httpd-Updates.html"},{"reference_url":"http://packetstormsecurity.com/files/152441/CARPE-DIEM-Apache-2.4.x-Local-Privilege-Escalation.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"http://packetstormsecurity.com/files/152441/CARPE-DIEM-Apache-2.4.x-Local-Privilege-Escalation.html"},{"reference_url":"https://access.redhat.com/errata/RHBA-2019:0959","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://access.redhat.com/errata/RHBA-2019:0959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1543","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1543"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0211.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0211.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0211","reference_id":"","reference_type":"","scores":[{"value":"0.90159","scoring_system":"epss","scoring_elements":"0.99586","published_at":"2026-04-01T12:55:00Z"},{"value":"0.9026","scoring_system":"epss","scoring_elements":"0.99594","published_at":"2026-04-04T12:55:00Z"},{"value":"0.9026","scoring_system":"epss","scoring_elements":"0.99593","published_at":"2026-04-02T12:55:00Z"},{"value":"0.90908","scoring_system":"epss","scoring_elements":"0.99632","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0211"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/890507b85c30adf133216b299cc35cd8cd0346a885acfc671c04694e%40%3Cdev.community.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/890507b85c30adf133216b299cc35cd8cd0346a885acfc671c04694e%40%3Cdev.community.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b1613d44ec364c87bb7ee8c5939949f9b061c05c06e0e90098ebf7aa%40%3Cusers.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/b1613d44ec364c87bb7ee8c5939949f9b061c05c06e0e90098ebf7aa%40%3Cusers.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/b2bdb308dc015e771ba79c0586b2de6fb50caa98b109833f5d4daf28%40%3Cdev.community.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/b2bdb308dc015e771ba79c0586b2de6fb50caa98b109833f5d4daf28%40%3Cdev.community.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/de881a130bc9cb2f3a9ff220784520556884fb8ea80e69400a45509e%40%3Cdev.community.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/de881a130bc9cb2f3a9ff220784520556884fb8ea80e69400a45509e%40%3Cdev.community.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/16","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://seclists.org/bugtraq/2019/Apr/16"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/5","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://seclists.org/bugtraq/2019/Apr/5"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190423-0001/","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190423-0001/"},{"reference_url":"https://support.f5.com/csp/article/K32957101","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://support.f5.com/csp/article/K32957101"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0211","reference_id":"","reference_type":"","scores":[],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0211"},{"reference_url":"https://www.debian.org/security/2019/dsa-4422","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://www.debian.org/security/2019/dsa-4422"},{"reference_url":"https://www.exploit-db.com/exploits/46676/","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://www.exploit-db.com/exploits/46676/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"https://www.synology.com/security/advisory/Synology_SA_19_14","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://www.synology.com/security/advisory/Synology_SA_19_14"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.4.39","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"http://www.apache.org/dist/httpd/CHANGES_2.4.39"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/04/02/3","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/04/02/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/07/26/7","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/07/26/7"},{"reference_url":"http://www.securityfocus.com/bid/107666","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"http://www.securityfocus.com/bid/107666"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1694980","reference_id":"1694980","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1694980"},{"reference_url":"https://security.archlinux.org/ASA-201904-3","reference_id":"ASA-201904-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-3"},{"reference_url":"https://security.archlinux.org/AVG-946","reference_id":"AVG-946","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-946"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform_for_power:3.11_ppc64le:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openshift_container_platform_for_power:3.11_ppc64le:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform_for_power:3.11_ppc64le:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.1_aarch64:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.1_aarch64:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.1_aarch64:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.2_aarch64:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.2_aarch64:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.2_aarch64:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.4_aarch64:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.4_aarch64:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.4_aarch64:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1_s390x:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1_s390x:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1_s390x:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2_s390x:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2_s390x:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2_s390x:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4_s390x:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4_s390x:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4_s390x:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1_ppc64le:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1_ppc64le:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1_ppc64le:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2_ppc64le:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2_ppc64le:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2_ppc64le:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4_ppc64le:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4_ppc64le:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4_ppc64le:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/cfreal/exploits/blob/ba026fae59974037d744a90cef09224f751bc3e4/CVE-2019-0211-apache/cfreal-carpediem.php","reference_id":"CVE-2019-0211","reference_type":"exploit","scores":[],"url":"https://github.com/cfreal/exploits/blob/ba026fae59974037d744a90cef09224f751bc3e4/CVE-2019-0211-apache/cfreal-carpediem.php"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46676.php","reference_id":"CVE-2019-0211","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46676.php"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-0211.json","reference_id":"CVE-2019-0211","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-0211.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-0211","reference_id":"CVE-2019-0211","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:C/I:C/A:C"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-0211"},{"reference_url":"https://security.gentoo.org/glsa/201904-20","reference_id":"GLSA-201904-20","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://security.gentoo.org/glsa/201904-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0746","reference_id":"RHSA-2019:0746","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0980","reference_id":"RHSA-2019:0980","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1296","reference_id":"RHSA-2019:1296","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1297","reference_id":"RHSA-2019:1297","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1297"},{"reference_url":"https://usn.ubuntu.com/3937-1/","reference_id":"USN-3937-1","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:03:33Z/"}],"url":"https://usn.ubuntu.com/3937-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582611?format=json","purl":"pkg:deb/debian/apache2@2.4.38-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-0211"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ehv1-yvpu-ubcg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3851?format=json","vulnerability_id":"VCID-ej7y-7na3-5qby","summary":"Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in\ndirectories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI.\n\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.\n\nSome RewriteRules that capture and substitute unsafely will now fail unless rewrite flag \"UnsafeAllow3F\" is specified.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38474.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38474.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38474","reference_id":"","reference_type":"","scores":[{"value":"0.00744","scoring_system":"epss","scoring_elements":"0.73027","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00744","scoring_system":"epss","scoring_elements":"0.72979","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00744","scoring_system":"epss","scoring_elements":"0.73016","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00744","scoring_system":"epss","scoring_elements":"0.7303","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00744","scoring_system":"epss","scoring_elements":"0.73055","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00744","scoring_system":"epss","scoring_elements":"0.73034","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00744","scoring_system":"epss","scoring_elements":"0.72983","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00744","scoring_system":"epss","scoring_elements":"0.73003","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295013","reference_id":"2295013","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295013"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-38474.json","reference_id":"CVE-2024-38474","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-38474.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240712-0001/","reference_id":"ntap-20240712-0001","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T18:02:41Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240712-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4719","reference_id":"RHSA-2024:4719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4720","reference_id":"RHSA-2024:4720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4726","reference_id":"RHSA-2024:4726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4820","reference_id":"RHSA-2024:4820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4827","reference_id":"RHSA-2024:4827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4830","reference_id":"RHSA-2024:4830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4862","reference_id":"RHSA-2024:4862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4863","reference_id":"RHSA-2024:4863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4938","reference_id":"RHSA-2024:4938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4943","reference_id":"RHSA-2024:4943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5239","reference_id":"RHSA-2024:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5240","reference_id":"RHSA-2024:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5240"},{"reference_url":"https://usn.ubuntu.com/6885-1/","reference_id":"USN-6885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-1/"},{"reference_url":"https://usn.ubuntu.com/6885-3/","reference_id":"USN-6885-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-3/"},{"reference_url":"https://usn.ubuntu.com/6885-5/","reference_id":"USN-6885-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585130?format=json","purl":"pkg:deb/debian/apache2@2.4.60-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.60-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585131?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585132?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-38474"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ej7y-7na3-5qby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3679?format=json","vulnerability_id":"VCID-en6m-ye18-97hk","summary":"The experimental mod_disk_cache module stored client authentication credentials for cached objects such as proxy authentication credentials and Basic Authentication passwords on disk.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1834.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1834.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1834","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40459","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40495","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40516","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40479","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40512","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40433","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40484","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43697","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43752","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1834"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617419","reference_id":"1617419","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617419"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-1834.json","reference_id":"CVE-2004-1834","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-1834.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:562","reference_id":"RHSA-2004:562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:562"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585721?format=json","purl":"pkg:deb/debian/apache2@2.0.53-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.53-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2004-1834"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-en6m-ye18-97hk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3735?format=json","vulnerability_id":"VCID-ese4-47tg-efbw","summary":"Insecure handling of LD_LIBRARY_PATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an untrusted directory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0883.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0883.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0883","reference_id":"","reference_type":"","scores":[{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.4166","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41584","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41671","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41698","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41626","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41676","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41684","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41707","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41674","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0883"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=813559","reference_id":"813559","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=813559"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-0883.json","reference_id":"CVE-2012-0883","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-0883.json"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1594","reference_id":"RHSA-2012:1594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1594"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2012-0883"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ese4-47tg-efbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3802?format=json","vulnerability_id":"VCID-f2y3-s6j8-7ygr","summary":"Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authentication or authorization possibly configured.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17567.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17567.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17567","reference_id":"","reference_type":"","scores":[{"value":"0.12438","scoring_system":"epss","scoring_elements":"0.93865","published_at":"2026-04-01T12:55:00Z"},{"value":"0.12438","scoring_system":"epss","scoring_elements":"0.93903","published_at":"2026-04-12T12:55:00Z"},{"value":"0.12438","scoring_system":"epss","scoring_elements":"0.93895","published_at":"2026-04-08T12:55:00Z"},{"value":"0.12438","scoring_system":"epss","scoring_elements":"0.93898","published_at":"2026-04-09T12:55:00Z"},{"value":"0.12438","scoring_system":"epss","scoring_elements":"0.93902","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12438","scoring_system":"epss","scoring_elements":"0.93874","published_at":"2026-04-02T12:55:00Z"},{"value":"0.12438","scoring_system":"epss","scoring_elements":"0.93883","published_at":"2026-04-04T12:55:00Z"},{"value":"0.12438","scoring_system":"epss","scoring_elements":"0.93886","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966740","reference_id":"1966740","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966740"},{"reference_url":"https://security.archlinux.org/AVG-2053","reference_id":"AVG-2053","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2053"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-17567.json","reference_id":"CVE-2019-17567","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-17567.json"},{"reference_url":"https://security.gentoo.org/glsa/202107-38","reference_id":"GLSA-202107-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-38"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4613","reference_id":"RHSA-2021:4613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4614","reference_id":"RHSA-2021:4614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4614"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586122?format=json","purl":"pkg:deb/debian/apache2@2.4.48-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.48-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-17567"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f2y3-s6j8-7ygr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3672?format=json","vulnerability_id":"VCID-f8n9-ampd-yyah","summary":"An issue was discovered in the mod_ssl module in Apache 2.0.44-2.0.50 which could be triggered if the server is configured to allow proxying to a remote SSL server. A malicious remote SSL server could force an httpd child process to crash by sending a carefully crafted response header. This issue is not believed to allow execution of arbitrary code and will only result in a denial of service where a threaded process model is in use.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0751.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0751.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0751","reference_id":"","reference_type":"","scores":[{"value":"0.47686","scoring_system":"epss","scoring_elements":"0.97706","published_at":"2026-04-13T12:55:00Z"},{"value":"0.47686","scoring_system":"epss","scoring_elements":"0.97684","published_at":"2026-04-01T12:55:00Z"},{"value":"0.47686","scoring_system":"epss","scoring_elements":"0.97691","published_at":"2026-04-02T12:55:00Z"},{"value":"0.47686","scoring_system":"epss","scoring_elements":"0.97692","published_at":"2026-04-07T12:55:00Z"},{"value":"0.47686","scoring_system":"epss","scoring_elements":"0.97697","published_at":"2026-04-08T12:55:00Z"},{"value":"0.47686","scoring_system":"epss","scoring_elements":"0.977","published_at":"2026-04-09T12:55:00Z"},{"value":"0.47686","scoring_system":"epss","scoring_elements":"0.97703","published_at":"2026-04-11T12:55:00Z"},{"value":"0.47686","scoring_system":"epss","scoring_elements":"0.97705","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617264","reference_id":"1617264","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617264"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0751.json","reference_id":"CVE-2004-0751","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0751.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/24590.txt","reference_id":"CVE-2004-0751;OSVDB-9742","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/24590.txt"},{"reference_url":"https://www.securityfocus.com/bid/11154/info","reference_id":"CVE-2004-0751;OSVDB-9742","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/11154/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:463","reference_id":"RHSA-2004:463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:463"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585958?format=json","purl":"pkg:deb/debian/apache2@2.0.50-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.50-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2004-0751"],"risk_score":4.2,"exploitability":"2.0","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f8n9-ampd-yyah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3822?format=json","vulnerability_id":"VCID-ffpe-1ctd-77e9","summary":"A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives.\n\nIf files outside of these directories are not protected by the usual default configuration \"require all denied\", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution.\n\nThis issue is known to be exploited in the wild.\n\nThis issue only affects Apache 2.4.49 and not earlier versions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41773.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41773.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41773","reference_id":"","reference_type":"","scores":[{"value":"0.94391","scoring_system":"epss","scoring_elements":"0.99973","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41773"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/07/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/07/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/08/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/08/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/09/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/09/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/16/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/16/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/05/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/05/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/08/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/08/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2010757","reference_id":"2010757","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2010757"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/08/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/08/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/15/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/15/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/08/4","reference_id":"4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/08/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/11/4","reference_id":"4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/11/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/08/5","reference_id":"5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/08/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/07/6","reference_id":"6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/07/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/08/6","reference_id":"6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/08/6"},{"reference_url":"http://packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html","reference_id":"Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html"},{"reference_url":"http://packetstormsecurity.com/files/164418/Apache-HTTP-Server-2.4.49-Path-Traversal.html","reference_id":"Apache-HTTP-Server-2.4.49-Path-Traversal.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://packetstormsecurity.com/files/164418/Apache-HTTP-Server-2.4.49-Path-Traversal.html"},{"reference_url":"http://packetstormsecurity.com/files/164418/Apache-HTTP-Server-2.4.49-Path-Traversal-Remote-Code-Execution.html","reference_id":"Apache-HTTP-Server-2.4.49-Path-Traversal-Remote-Code-Execution.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://packetstormsecurity.com/files/164418/Apache-HTTP-Server-2.4.49-Path-Traversal-Remote-Code-Execution.html"},{"reference_url":"http://packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html","reference_id":"Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"http://packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html"},{"reference_url":"https://security.archlinux.org/AVG-2442","reference_id":"AVG-2442","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2442"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-pathtrv-LAzg68cZ","reference_id":"cisco-sa-apache-httpd-pathtrv-LAzg68cZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-pathtrv-LAzg68cZ"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50383.sh","reference_id":"CVE-2021-41773","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50383.sh"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-41773.json","reference_id":"CVE-2021-41773","reference_type":"","scores":[{"value":"critical","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-41773.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50512.py","reference_id":"CVE-2021-42013;CVE-2021-41773","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50512.py"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211029-0009/","reference_id":"ntap-20211029-0009","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"https://security.netapp.com/advisory/ntap-20211029-0009/"},{"reference_url":"https://lists.apache.org/thread.html/r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E","reference_id":"r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"https://lists.apache.org/thread.html/r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r6abf5f2ba6f1aa8b1030f95367aaf17660c4e4c78cb2338aee18982f%40%3Cusers.httpd.apache.org%3E","reference_id":"r6abf5f2ba6f1aa8b1030f95367aaf17660c4e4c78cb2338aee18982f%40%3Cusers.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"https://lists.apache.org/thread.html/r6abf5f2ba6f1aa8b1030f95367aaf17660c4e4c78cb2338aee18982f%40%3Cusers.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E","reference_id":"r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"https://lists.apache.org/thread.html/r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r98d704ed4377ed889d40479db79ed1ee2f43b2ebdd79ce84b042df45%40%3Cannounce.apache.org%3E","reference_id":"r98d704ed4377ed889d40479db79ed1ee2f43b2ebdd79ce84b042df45%40%3Cannounce.apache.org%3E","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"https://lists.apache.org/thread.html/r98d704ed4377ed889d40479db79ed1ee2f43b2ebdd79ce84b042df45%40%3Cannounce.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E","reference_id":"rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"https://lists.apache.org/thread.html/rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC/","reference_id":"RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3/","reference_id":"WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:41:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585412?format=json","purl":"pkg:deb/debian/apache2@2.4.50-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.50-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-41773"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ffpe-1ctd-77e9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3703?format=json","vulnerability_id":"VCID-fn5k-e2jr-6ube","summary":"A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage.","references":[{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01539432"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=123376588623823&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=123376588623823&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2008-0967.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2008-0967.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2364.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2364","reference_id":"","reference_type":"","scores":[{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84461","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84471","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84465","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84389","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84404","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84424","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84426","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84448","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02213","scoring_system":"epss","scoring_elements":"0.84453","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2364"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364"},{"reference_url":"http://secunia.com/advisories/30621","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30621"},{"reference_url":"http://secunia.com/advisories/31026","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31026"},{"reference_url":"http://secunia.com/advisories/31404","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31404"},{"reference_url":"http://secunia.com/advisories/31416","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31416"},{"reference_url":"http://secunia.com/advisories/31651","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31651"},{"reference_url":"http://secunia.com/advisories/31904","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31904"},{"reference_url":"http://secunia.com/advisories/32222","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32222"},{"reference_url":"http://secunia.com/advisories/32685","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32685"},{"reference_url":"http://secunia.com/advisories/32838","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32838"},{"reference_url":"http://secunia.com/advisories/33156","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33156"},{"reference_url":"http://secunia.com/advisories/33797","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33797"},{"reference_url":"http://secunia.com/advisories/34219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34219"},{"reference_url":"http://secunia.com/advisories/34259","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34259"},{"reference_url":"http://secunia.com/advisories/34418","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34418"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200807-06.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200807-06.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42987","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42987"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11713"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6084"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9577"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1"},{"reference_url":"http://support.apple.com/kb/HT3216","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3216"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=666154&r2=666153&pathrev=666154"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00153.html"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg27008517","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg27008517"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK67579"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:195","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:195"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:237","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:237"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0966.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0966.html"},{"reference_url":"http://www.securityfocus.com/archive/1/494858/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/494858/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/498567/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/498567/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/29653","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29653"},{"reference_url":"http://www.securityfocus.com/bid/31681","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31681"},{"reference_url":"http://www.securitytracker.com/id?1020267","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020267"},{"reference_url":"http://www.ubuntu.com/usn/USN-731-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-731-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1798","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1798"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2780","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2780"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0320","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0320"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=451615","reference_id":"451615","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=451615"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2008-2364.json","reference_id":"CVE-2008-2364","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2008-2364.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2364","reference_id":"CVE-2008-2364","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2364"},{"reference_url":"https://security.gentoo.org/glsa/200807-06","reference_id":"GLSA-200807-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0967","reference_id":"RHSA-2008:0967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0967"},{"reference_url":"https://usn.ubuntu.com/731-1/","reference_id":"USN-731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/731-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585525?format=json","purl":"pkg:deb/debian/apache2@2.2.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2008-2364"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fn5k-e2jr-6ube"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3753?format=json","vulnerability_id":"VCID-fnxp-n271-mfd8","summary":"A NULL pointer deference was found in mod_cache. A malicious HTTP server could cause a crash in a caching forward proxy configuration. This crash would only be a denial of service if using a threaded MPM.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0325.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0325.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3581.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3581.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3581","reference_id":"","reference_type":"","scores":[{"value":"0.04809","scoring_system":"epss","scoring_elements":"0.89497","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04809","scoring_system":"epss","scoring_elements":"0.89459","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04809","scoring_system":"epss","scoring_elements":"0.89504","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04809","scoring_system":"epss","scoring_elements":"0.89501","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04809","scoring_system":"epss","scoring_elements":"0.89463","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04809","scoring_system":"epss","scoring_elements":"0.89474","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04809","scoring_system":"epss","scoring_elements":"0.89475","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04809","scoring_system":"epss","scoring_elements":"0.89491","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04809","scoring_system":"epss","scoring_elements":"0.89495","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3581"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/97027","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/97027"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://support.apple.com/HT205219","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT205219"},{"reference_url":"https://support.apple.com/kb/HT205031","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT205031"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup&pathrev=1627749","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?view=markup&pathrev=1627749"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1624234","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1624234"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/71656","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71656"},{"reference_url":"http://www.securitytracker.com/id/1031005","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031005"},{"reference_url":"http://www.ubuntu.com/usn/USN-2523-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2523-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1149709","reference_id":"1149709","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1149709"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-3581.json","reference_id":"CVE-2014-3581","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-3581.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3581","reference_id":"CVE-2014-3581","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3581"},{"reference_url":"https://security.gentoo.org/glsa/201610-02","reference_id":"GLSA-201610-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1972","reference_id":"RHSA-2014:1972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0325","reference_id":"RHSA-2015:0325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2661","reference_id":"RHSA-2015:2661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2661"},{"reference_url":"https://usn.ubuntu.com/2523-1/","reference_id":"USN-2523-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2523-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583962?format=json","purl":"pkg:deb/debian/apache2@2.4.10-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2014-3581"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fnxp-n271-mfd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3670?format=json","vulnerability_id":"VCID-fq9j-uewn-q7h7","summary":"A buffer overflow was found in the expansion of environment variables during configuration file parsing. This issue could allow a local user to gain the privileges of a httpd child if a server can be forced to parse a carefully crafted .htaccess file written by a local user.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0747.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0747.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0747","reference_id":"","reference_type":"","scores":[{"value":"0.01437","scoring_system":"epss","scoring_elements":"0.80669","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01437","scoring_system":"epss","scoring_elements":"0.80639","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01437","scoring_system":"epss","scoring_elements":"0.80647","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01437","scoring_system":"epss","scoring_elements":"0.80697","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01437","scoring_system":"epss","scoring_elements":"0.80705","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01437","scoring_system":"epss","scoring_elements":"0.80719","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01437","scoring_system":"epss","scoring_elements":"0.80702","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01437","scoring_system":"epss","scoring_elements":"0.80692","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01437","scoring_system":"epss","scoring_elements":"0.80664","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0747"},{"reference_url":"http://www.trustix.org/errata/2004/0047/","reference_id":"0047","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.trustix.org/errata/2004/0047/"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1233","reference_id":"1233","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.vupen.com/english/advisories/2009/1233"},{"reference_url":"http://secunia.com/advisories/12540","reference_id":"12540","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://secunia.com/advisories/12540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617261","reference_id":"1617261","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617261"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17384","reference_id":"17384","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17384"},{"reference_url":"http://www.novell.com/linux/security/advisories/2004_32_apache2.html","reference_id":"2004_32_apache2.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.novell.com/linux/security/advisories/2004_32_apache2.html"},{"reference_url":"http://secunia.com/advisories/34920","reference_id":"34920","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://secunia.com/advisories/34920"},{"reference_url":"http://www.kb.cert.org/vuls/id/481998","reference_id":"481998","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.kb.cert.org/vuls/id/481998"},{"reference_url":"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096","reference_id":"advisory.php?name=MDKSA-2004:096","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:096"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0747.json","reference_id":"CVE-2004-0747","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0747.json"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml","reference_id":"glsa-200409-21.xml","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.gentoo.org/security/en/glsa/glsa-200409-21.xml"},{"reference_url":"http://securitytracker.com/id?1011303","reference_id":"id?1011303","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://securitytracker.com/id?1011303"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11561","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A11561","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11561"},{"reference_url":"http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147","reference_id":"phpsupcontent?contentID=205147","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:463","reference_id":"RHSA-2004:463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:463"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2004-463.html","reference_id":"RHSA-2004-463.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-05T21:31:51Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2004-463.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584666?format=json","purl":"pkg:deb/debian/apache2@2.0.51?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.51%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2004-0747"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fq9j-uewn-q7h7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3782?format=json","vulnerability_id":"VCID-fqem-96w3-rucb","summary":"When generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed across servers by an attacker without detection.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1312.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1312.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1312","reference_id":"","reference_type":"","scores":[{"value":"0.0728","scoring_system":"epss","scoring_elements":"0.91622","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0728","scoring_system":"epss","scoring_elements":"0.91663","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0728","scoring_system":"epss","scoring_elements":"0.91661","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0728","scoring_system":"epss","scoring_elements":"0.91664","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0728","scoring_system":"epss","scoring_elements":"0.91667","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0728","scoring_system":"epss","scoring_elements":"0.91629","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0728","scoring_system":"epss","scoring_elements":"0.91634","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0728","scoring_system":"epss","scoring_elements":"0.91642","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0728","scoring_system":"epss","scoring_elements":"0.91655","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560634","reference_id":"1560634","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560634"},{"reference_url":"https://security.archlinux.org/ASA-201804-4","reference_id":"ASA-201804-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201804-4"},{"reference_url":"https://security.archlinux.org/AVG-664","reference_id":"AVG-664","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-664"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2018-1312.json","reference_id":"CVE-2018-1312","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2018-1312.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0366","reference_id":"RHSA-2019:0366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0367","reference_id":"RHSA-2019:0367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1898","reference_id":"RHSA-2019:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1898"},{"reference_url":"https://usn.ubuntu.com/3627-1/","reference_id":"USN-3627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3627-1/"},{"reference_url":"https://usn.ubuntu.com/3627-2/","reference_id":"USN-3627-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3627-2/"},{"reference_url":"https://usn.ubuntu.com/3937-2/","reference_id":"USN-3937-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3937-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584735?format=json","purl":"pkg:deb/debian/apache2@2.4.33-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.33-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2018-1312"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fqem-96w3-rucb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3871?format=json","vulnerability_id":"VCID-fsh3-7b9j-dfgf","summary":"Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs.\n\nThis issue affects Apache HTTP Server from 2.4.0 through 2.4.65.\n\nUsers are recommended to upgrade to version 2.4.66 which fixes the issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-65082.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-65082.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-65082","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36463","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.3643","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37416","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37463","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37477","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37443","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37399","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37451","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-65082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65082","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65082"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926","reference_id":"1121926","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419139","reference_id":"2419139","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419139"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2025-65082.json","reference_id":"CVE-2025-65082","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2025-65082.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23732","reference_id":"RHSA-2025:23732","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23732"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23919","reference_id":"RHSA-2025:23919","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23919"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23932","reference_id":"RHSA-2025:23932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2994","reference_id":"RHSA-2026:2994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2995","reference_id":"RHSA-2026:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2995"},{"reference_url":"https://usn.ubuntu.com/7968-1/","reference_id":"USN-7968-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7968-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583891?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583892?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583893?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2025-65082"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fsh3-7b9j-dfgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3850?format=json","vulnerability_id":"VCID-ftjw-9fb6-d3cw","summary":"Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38473.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38473.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38473","reference_id":"","reference_type":"","scores":[{"value":"0.88261","scoring_system":"epss","scoring_elements":"0.99492","published_at":"2026-04-13T12:55:00Z"},{"value":"0.88261","scoring_system":"epss","scoring_elements":"0.99486","published_at":"2026-04-02T12:55:00Z"},{"value":"0.88261","scoring_system":"epss","scoring_elements":"0.99488","published_at":"2026-04-04T12:55:00Z"},{"value":"0.88261","scoring_system":"epss","scoring_elements":"0.9949","published_at":"2026-04-07T12:55:00Z"},{"value":"0.88261","scoring_system":"epss","scoring_elements":"0.99491","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295012","reference_id":"2295012","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295012"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-38473.json","reference_id":"CVE-2024-38473","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-38473.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240712-0001/","reference_id":"ntap-20240712-0001","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-24T13:55:35Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240712-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4720","reference_id":"RHSA-2024:4720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4726","reference_id":"RHSA-2024:4726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5001","reference_id":"RHSA-2024:5001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5239","reference_id":"RHSA-2024:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5240","reference_id":"RHSA-2024:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5240"},{"reference_url":"https://usn.ubuntu.com/6885-1/","reference_id":"USN-6885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585130?format=json","purl":"pkg:deb/debian/apache2@2.4.60-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.60-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585131?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585132?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-38473"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ftjw-9fb6-d3cw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3772?format=json","vulnerability_id":"VCID-fyrq-yg2u-jkc7","summary":"mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7679","reference_id":"","reference_type":"","scores":[{"value":"0.30062","scoring_system":"epss","scoring_elements":"0.96661","published_at":"2026-04-13T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.96725","published_at":"2026-04-02T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.96715","published_at":"2026-04-01T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.9673","published_at":"2026-04-07T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.96738","published_at":"2026-04-08T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.96739","published_at":"2026-04-09T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.96742","published_at":"2026-04-12T12:55:00Z"},{"value":"0.31057","scoring_system":"epss","scoring_elements":"0.96726","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463207","reference_id":"1463207","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463207"},{"reference_url":"https://security.archlinux.org/ASA-201706-34","reference_id":"ASA-201706-34","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-34"},{"reference_url":"https://security.archlinux.org/AVG-316","reference_id":"AVG-316","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-316"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-7679.json","reference_id":"CVE-2017-7679","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-7679.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2478","reference_id":"RHSA-2017:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3475","reference_id":"RHSA-2017:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3476","reference_id":"RHSA-2017:3476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3477","reference_id":"RHSA-2017:3477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3477"},{"reference_url":"https://usn.ubuntu.com/3340-1/","reference_id":"USN-3340-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3340-1/"},{"reference_url":"https://usn.ubuntu.com/3373-1/","reference_id":"USN-3373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584426?format=json","purl":"pkg:deb/debian/apache2@2.4.25-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2017-7679"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fyrq-yg2u-jkc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3708?format=json","vulnerability_id":"VCID-fysz-5mr6-fbf1","summary":"A denial of service flaw was found in the mod_proxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1890.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1890.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1890","reference_id":"","reference_type":"","scores":[{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97208","published_at":"2026-04-13T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.9718","published_at":"2026-04-01T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97186","published_at":"2026-04-02T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97192","published_at":"2026-04-04T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97193","published_at":"2026-04-07T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97202","published_at":"2026-04-08T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97204","published_at":"2026-04-09T12:55:00Z"},{"value":"0.3787","scoring_system":"epss","scoring_elements":"0.97207","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1890"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1890"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=509375","reference_id":"509375","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=509375"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536718","reference_id":"536718","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536718"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-1890.json","reference_id":"CVE-2009-1890","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-1890.json"},{"reference_url":"https://security.gentoo.org/glsa/200907-04","reference_id":"GLSA-200907-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200907-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1148","reference_id":"RHSA-2009:1148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1155","reference_id":"RHSA-2009:1155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1160","reference_id":"RHSA-2009:1160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1160"},{"reference_url":"https://usn.ubuntu.com/802-1/","reference_id":"USN-802-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/802-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585122?format=json","purl":"pkg:deb/debian/apache2@2.2.11-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.11-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2009-1890"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fysz-5mr6-fbf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3691?format=json","vulnerability_id":"VCID-fz8c-b8r4-1yb8","summary":"A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.54 and earlier.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-20001.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-20001.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-20001","reference_id":"","reference_type":"","scores":[{"value":"0.00439","scoring_system":"epss","scoring_elements":"0.63051","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00439","scoring_system":"epss","scoring_elements":"0.63154","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00439","scoring_system":"epss","scoring_elements":"0.63157","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00439","scoring_system":"epss","scoring_elements":"0.63174","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00439","scoring_system":"epss","scoring_elements":"0.63191","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00439","scoring_system":"epss","scoring_elements":"0.63176","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00439","scoring_system":"epss","scoring_elements":"0.6311","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00439","scoring_system":"epss","scoring_elements":"0.6314","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00439","scoring_system":"epss","scoring_elements":"0.63105","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-20001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2161774","reference_id":"2161774","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2161774"},{"reference_url":"https://security.archlinux.org/AVG-2824","reference_id":"AVG-2824","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2824"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2006-20001.json","reference_id":"CVE-2006-20001","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2006-20001.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0852","reference_id":"RHSA-2023:0852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0970","reference_id":"RHSA-2023:0970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0970"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3354","reference_id":"RHSA-2023:3354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3355","reference_id":"RHSA-2023:3355","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3355"},{"reference_url":"https://usn.ubuntu.com/5834-1/","reference_id":"USN-5834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5834-1/"},{"reference_url":"https://usn.ubuntu.com/5839-1/","reference_id":"USN-5839-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5839-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582331?format=json","purl":"pkg:deb/debian/apache2@2.4.55-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.55-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582332?format=json","purl":"pkg:deb/debian/apache2@2.4.56-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.56-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2006-20001"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fz8c-b8r4-1yb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3673?format=json","vulnerability_id":"VCID-g1jc-8vza-u3ad","summary":"Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child process could be made to crash. One some BSD systems it is believed this flaw may be able to lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0786.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0786.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0786","reference_id":"","reference_type":"","scores":[{"value":"0.48362","scoring_system":"epss","scoring_elements":"0.97742","published_at":"2026-04-13T12:55:00Z"},{"value":"0.48362","scoring_system":"epss","scoring_elements":"0.97719","published_at":"2026-04-01T12:55:00Z"},{"value":"0.48362","scoring_system":"epss","scoring_elements":"0.97726","published_at":"2026-04-02T12:55:00Z"},{"value":"0.48362","scoring_system":"epss","scoring_elements":"0.97728","published_at":"2026-04-07T12:55:00Z"},{"value":"0.48362","scoring_system":"epss","scoring_elements":"0.97733","published_at":"2026-04-08T12:55:00Z"},{"value":"0.48362","scoring_system":"epss","scoring_elements":"0.97736","published_at":"2026-04-09T12:55:00Z"},{"value":"0.48362","scoring_system":"epss","scoring_elements":"0.97739","published_at":"2026-04-11T12:55:00Z"},{"value":"0.48362","scoring_system":"epss","scoring_elements":"0.97741","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0786"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617289","reference_id":"1617289","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617289"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0786.json","reference_id":"CVE-2004-0786","reference_type":"","scores":[{"value":"critical","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0786.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:463","reference_id":"RHSA-2004:463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:463"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584666?format=json","purl":"pkg:deb/debian/apache2@2.0.51?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.51%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2004-0786"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g1jc-8vza-u3ad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3704?format=json","vulnerability_id":"VCID-g2pp-aahn-mfcd","summary":"A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=123376588623823&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=123376588623823&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=125631037611762&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2008-0967.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2008-0967.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2939.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2939","reference_id":"","reference_type":"","scores":[{"value":"0.6456","scoring_system":"epss","scoring_elements":"0.98456","published_at":"2026-04-13T12:55:00Z"},{"value":"0.6456","scoring_system":"epss","scoring_elements":"0.98449","published_at":"2026-04-07T12:55:00Z"},{"value":"0.6456","scoring_system":"epss","scoring_elements":"0.98452","published_at":"2026-04-08T12:55:00Z"},{"value":"0.6456","scoring_system":"epss","scoring_elements":"0.98453","published_at":"2026-04-09T12:55:00Z"},{"value":"0.6456","scoring_system":"epss","scoring_elements":"0.98457","published_at":"2026-04-11T12:55:00Z"},{"value":"0.71247","scoring_system":"epss","scoring_elements":"0.98703","published_at":"2026-04-02T12:55:00Z"},{"value":"0.71247","scoring_system":"epss","scoring_elements":"0.98707","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939"},{"reference_url":"http://secunia.com/advisories/31384","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31384"},{"reference_url":"http://secunia.com/advisories/31673","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31673"},{"reference_url":"http://secunia.com/advisories/32685","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32685"},{"reference_url":"http://secunia.com/advisories/32838","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32838"},{"reference_url":"http://secunia.com/advisories/33156","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33156"},{"reference_url":"http://secunia.com/advisories/33797","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33797"},{"reference_url":"http://secunia.com/advisories/34219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34219"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35074"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44223","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/44223"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://svn.apache.org/viewvc?view=rev&revision=682868","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=rev&revision=682868"},{"reference_url":"http://svn.apache.org/viewvc?view=rev&revision=682870","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=rev&revision=682870"},{"reference_url":"http://svn.apache.org/viewvc?view=rev&revision=682871","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=rev&revision=682871"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2008-0327","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/Advisories:rPSA-2008-0327"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937"},{"reference_url":"http://www.kb.cert.org/vuls/id/663763","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/663763"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:194","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:194"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:195","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:195"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:124","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:124"},{"reference_url":"http://www.rapid7.com/advisories/R7-0033","reference_id":"","reference_type":"","scores":[],"url":"http://www.rapid7.com/advisories/R7-0033"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0966.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0966.html"},{"reference_url":"http://www.securityfocus.com/archive/1/495180/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495180/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/498566/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/498566/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/498567/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/498567/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30560","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30560"},{"reference_url":"http://www.securitytracker.com/id?1020635","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020635"},{"reference_url":"http://www.ubuntu.com/usn/USN-731-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-731-1"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2315","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2315"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2461","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2461"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0320","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0320"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=458250","reference_id":"458250","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=458250"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2008-2939.json","reference_id":"CVE-2008-2939","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2008-2939.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2939","reference_id":"CVE-2008-2939","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-2939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0967","reference_id":"RHSA-2008:0967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0967"},{"reference_url":"https://usn.ubuntu.com/731-1/","reference_id":"USN-731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/731-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585170?format=json","purl":"pkg:deb/debian/apache2@2.2.9-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.9-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2008-2939"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g2pp-aahn-mfcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3829?format=json","vulnerability_id":"VCID-g55m-t4s1-nfhv","summary":"Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data.\n\nThis issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23943.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23943.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23943","reference_id":"","reference_type":"","scores":[{"value":"0.60552","scoring_system":"epss","scoring_elements":"0.98286","published_at":"2026-04-13T12:55:00Z"},{"value":"0.60552","scoring_system":"epss","scoring_elements":"0.98284","published_at":"2026-04-11T12:55:00Z"},{"value":"0.60552","scoring_system":"epss","scoring_elements":"0.98285","published_at":"2026-04-12T12:55:00Z"},{"value":"0.60552","scoring_system":"epss","scoring_elements":"0.98273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.60552","scoring_system":"epss","scoring_elements":"0.98275","published_at":"2026-04-07T12:55:00Z"},{"value":"0.60552","scoring_system":"epss","scoring_elements":"0.9828","published_at":"2026-04-08T12:55:00Z"},{"value":"0.60552","scoring_system":"epss","scoring_elements":"0.98281","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23943"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23943","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23943"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064319","reference_id":"2064319","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064319"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-23943.json","reference_id":"CVE-2022-23943","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2022-23943.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7647","reference_id":"RHSA-2022:7647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8067","reference_id":"RHSA-2022:8067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://usn.ubuntu.com/5333-1/","reference_id":"USN-5333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5333-1/"},{"reference_url":"https://usn.ubuntu.com/5333-2/","reference_id":"USN-5333-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5333-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583022?format=json","purl":"pkg:deb/debian/apache2@2.4.53-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.53-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583023?format=json","purl":"pkg:deb/debian/apache2@2.4.53-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.53-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-23943"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g55m-t4s1-nfhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3814?format=json","vulnerability_id":"VCID-g6xr-qtwz-2yaq","summary":"Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF'","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30641.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30641.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30641","reference_id":"","reference_type":"","scores":[{"value":"0.36362","scoring_system":"epss","scoring_elements":"0.97082","published_at":"2026-04-01T12:55:00Z"},{"value":"0.36362","scoring_system":"epss","scoring_elements":"0.97111","published_at":"2026-04-13T12:55:00Z"},{"value":"0.36362","scoring_system":"epss","scoring_elements":"0.97105","published_at":"2026-04-09T12:55:00Z"},{"value":"0.36362","scoring_system":"epss","scoring_elements":"0.97109","published_at":"2026-04-11T12:55:00Z"},{"value":"0.36362","scoring_system":"epss","scoring_elements":"0.9711","published_at":"2026-04-12T12:55:00Z"},{"value":"0.36362","scoring_system":"epss","scoring_elements":"0.97089","published_at":"2026-04-02T12:55:00Z"},{"value":"0.36362","scoring_system":"epss","scoring_elements":"0.97094","published_at":"2026-04-04T12:55:00Z"},{"value":"0.36362","scoring_system":"epss","scoring_elements":"0.97095","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966743","reference_id":"1966743","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966743"},{"reference_url":"https://security.archlinux.org/AVG-2053","reference_id":"AVG-2053","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2053"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-30641.json","reference_id":"CVE-2021-30641","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-30641.json"},{"reference_url":"https://security.gentoo.org/glsa/202107-38","reference_id":"GLSA-202107-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-38"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4257","reference_id":"RHSA-2021:4257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4613","reference_id":"RHSA-2021:4613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4614","reference_id":"RHSA-2021:4614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4614"},{"reference_url":"https://usn.ubuntu.com/4994-1/","reference_id":"USN-4994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4994-1/"},{"reference_url":"https://usn.ubuntu.com/4994-2/","reference_id":"USN-4994-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4994-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585157?format=json","purl":"pkg:deb/debian/apache2@2.4.46-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.46-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-30641"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g6xr-qtwz-2yaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83872?format=json","vulnerability_id":"VCID-ge2x-rh2r-kqb2","summary":"httpd: # character matches all IPs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12171.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12171.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12171","reference_id":"","reference_type":"","scores":[{"value":"0.01543","scoring_system":"epss","scoring_elements":"0.81318","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01543","scoring_system":"epss","scoring_elements":"0.81327","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01543","scoring_system":"epss","scoring_elements":"0.81349","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01543","scoring_system":"epss","scoring_elements":"0.81347","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01543","scoring_system":"epss","scoring_elements":"0.81376","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01543","scoring_system":"epss","scoring_elements":"0.81381","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01543","scoring_system":"epss","scoring_elements":"0.81402","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01543","scoring_system":"epss","scoring_elements":"0.8139","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01543","scoring_system":"epss","scoring_elements":"0.81382","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12171"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1493056","reference_id":"1493056","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1493056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2972","reference_id":"RHSA-2017:2972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2972"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2017-12171"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ge2x-rh2r-kqb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3653?format=json","vulnerability_id":"VCID-ggje-ade3-n3hg","summary":"Apache 2.0 versions before Apache 2.0.45 had a significant Denial of Service vulnerability. Remote attackers could cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0132.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0132.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0132","reference_id":"","reference_type":"","scores":[{"value":"0.85004","scoring_system":"epss","scoring_elements":"0.99352","published_at":"2026-04-13T12:55:00Z"},{"value":"0.85004","scoring_system":"epss","scoring_elements":"0.99343","published_at":"2026-04-01T12:55:00Z"},{"value":"0.85004","scoring_system":"epss","scoring_elements":"0.99344","published_at":"2026-04-02T12:55:00Z"},{"value":"0.85004","scoring_system":"epss","scoring_elements":"0.99345","published_at":"2026-04-04T12:55:00Z"},{"value":"0.85004","scoring_system":"epss","scoring_elements":"0.99347","published_at":"2026-04-07T12:55:00Z"},{"value":"0.85004","scoring_system":"epss","scoring_elements":"0.99348","published_at":"2026-04-08T12:55:00Z"},{"value":"0.85004","scoring_system":"epss","scoring_elements":"0.99349","published_at":"2026-04-09T12:55:00Z"},{"value":"0.85004","scoring_system":"epss","scoring_elements":"0.9935","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0132"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0132","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0132"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616977","reference_id":"1616977","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616977"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2003-0132.json","reference_id":"CVE-2003-0132","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2003-0132.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/11.c","reference_id":"OSVDB-9712;CVE-2003-0132","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/11.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9.c","reference_id":"OSVDB-9712;CVE-2003-0132","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:139","reference_id":"RHSA-2003:139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:139"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582642?format=json","purl":"pkg:deb/debian/apache2@2.0.45?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.45%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2003-0132"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ggje-ade3-n3hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3756?format=json","vulnerability_id":"VCID-gqat-458a-67g2","summary":"A stack recursion crash in the mod_lua module was found. A Lua script executing the r:wsupgrade() function could crash the process if a malicious client sent a carefully crafted PING request. This issue affected releases 2.4.7 through 2.4.12 inclusive.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0228.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0228.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0228","reference_id":"","reference_type":"","scores":[{"value":"0.18715","scoring_system":"epss","scoring_elements":"0.95283","published_at":"2026-04-13T12:55:00Z"},{"value":"0.18715","scoring_system":"epss","scoring_elements":"0.95245","published_at":"2026-04-01T12:55:00Z"},{"value":"0.18715","scoring_system":"epss","scoring_elements":"0.95257","published_at":"2026-04-02T12:55:00Z"},{"value":"0.18715","scoring_system":"epss","scoring_elements":"0.9526","published_at":"2026-04-04T12:55:00Z"},{"value":"0.18715","scoring_system":"epss","scoring_elements":"0.95264","published_at":"2026-04-07T12:55:00Z"},{"value":"0.18715","scoring_system":"epss","scoring_elements":"0.95272","published_at":"2026-04-08T12:55:00Z"},{"value":"0.18715","scoring_system":"epss","scoring_elements":"0.95275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.18715","scoring_system":"epss","scoring_elements":"0.9528","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0228"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202988","reference_id":"1202988","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1202988"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2015-0228.json","reference_id":"CVE-2015-0228","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2015-0228.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1666","reference_id":"RHSA-2015:1666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1666"},{"reference_url":"https://usn.ubuntu.com/2523-1/","reference_id":"USN-2523-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2523-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585543?format=json","purl":"pkg:deb/debian/apache2@2.4.10-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2015-0228"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gqat-458a-67g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3731?format=json","vulnerability_id":"VCID-gu44-7hkr-muae","summary":"An additional exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4317.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4317.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4317","reference_id":"","reference_type":"","scores":[{"value":"0.81918","scoring_system":"epss","scoring_elements":"0.99197","published_at":"2026-04-04T12:55:00Z"},{"value":"0.81918","scoring_system":"epss","scoring_elements":"0.99193","published_at":"2026-04-01T12:55:00Z"},{"value":"0.81918","scoring_system":"epss","scoring_elements":"0.99195","published_at":"2026-04-02T12:55:00Z"},{"value":"0.81918","scoring_system":"epss","scoring_elements":"0.99203","published_at":"2026-04-12T12:55:00Z"},{"value":"0.81918","scoring_system":"epss","scoring_elements":"0.99201","published_at":"2026-04-13T12:55:00Z"},{"value":"0.81918","scoring_system":"epss","scoring_elements":"0.99202","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=756483","reference_id":"756483","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=756483"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-4317.json","reference_id":"CVE-2011-4317","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-4317.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36352.txt","reference_id":"CVE-2011-4317;OSVDB-77310","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36352.txt"},{"reference_url":"https://www.securityfocus.com/bid/50802/info","reference_id":"CVE-2011-4317;OSVDB-77310","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/50802/info"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583144?format=json","purl":"pkg:deb/debian/apache2@2.2.21-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.21-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2011-4317"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gu44-7hkr-muae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3835?format=json","vulnerability_id":"VCID-gv84-vfvh-y7hu","summary":"If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30522.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30522.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30522","reference_id":"","reference_type":"","scores":[{"value":"0.11589","scoring_system":"epss","scoring_elements":"0.93644","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11589","scoring_system":"epss","scoring_elements":"0.93636","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11589","scoring_system":"epss","scoring_elements":"0.93638","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11589","scoring_system":"epss","scoring_elements":"0.93643","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11589","scoring_system":"epss","scoring_elements":"0.93616","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11589","scoring_system":"epss","scoring_elements":"0.93625","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11589","scoring_system":"epss","scoring_elements":"0.93627","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513","reference_id":"1012513","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095015","reference_id":"2095015","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095015"},{"reference_url":"https://security.archlinux.org/AVG-2763","reference_id":"AVG-2763","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2763"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-30522.json","reference_id":"CVE-2022-30522","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2022-30522.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7647","reference_id":"RHSA-2022:7647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8067","reference_id":"RHSA-2022:8067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://usn.ubuntu.com/5487-1/","reference_id":"USN-5487-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-1/"},{"reference_url":"https://usn.ubuntu.com/5487-3/","reference_id":"USN-5487-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583306?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583307?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-30522"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gv84-vfvh-y7hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3801?format=json","vulnerability_id":"VCID-h6kk-81jx-h7b8","summary":"Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10098.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10098.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10098","reference_id":"","reference_type":"","scores":[{"value":"0.80306","scoring_system":"epss","scoring_elements":"0.99111","published_at":"2026-04-01T12:55:00Z"},{"value":"0.80306","scoring_system":"epss","scoring_elements":"0.99114","published_at":"2026-04-04T12:55:00Z"},{"value":"0.80306","scoring_system":"epss","scoring_elements":"0.99119","published_at":"2026-04-11T12:55:00Z"},{"value":"0.80306","scoring_system":"epss","scoring_elements":"0.99117","published_at":"2026-04-07T12:55:00Z"},{"value":"0.80306","scoring_system":"epss","scoring_elements":"0.99112","published_at":"2026-04-02T12:55:00Z"},{"value":"0.80306","scoring_system":"epss","scoring_elements":"0.9912","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10098"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5d12ffc80685b0df1d6801e68000a7707dd694fe32e4f221de67c210%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/04/01/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2020/04/01/4"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1743959","reference_id":"1743959","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1743959"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://0day.work/open-redirects-in-improperly-configured-mod_rewrite-rules-poc-for-cve-2019-10098/","reference_id":"CVE-2019-10098","reference_type":"exploit","scores":[],"url":"https://0day.work/open-redirects-in-improperly-configured-mod_rewrite-rules-poc-for-cve-2019-10098/"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47689.md","reference_id":"CVE-2019-10098","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/47689.md"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-10098.json","reference_id":"CVE-2019-10098","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-10098.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10098","reference_id":"CVE-2019-10098","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10098"},{"reference_url":"https://security.gentoo.org/glsa/201909-04","reference_id":"GLSA-201909-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1336","reference_id":"RHSA-2020:1336","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1337","reference_id":"RHSA-2020:1337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2263","reference_id":"RHSA-2020:2263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3958","reference_id":"RHSA-2020:3958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4751","reference_id":"RHSA-2020:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4751"},{"reference_url":"https://usn.ubuntu.com/4113-1/","reference_id":"USN-4113-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4113-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585842?format=json","purl":"pkg:deb/debian/apache2@2.4.41-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.41-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-10098"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h6kk-81jx-h7b8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61782?format=json","vulnerability_id":"VCID-h6km-ryp2-6ufa","summary":"Multiple vulnerabilities have been discovered in Apache HTTP\n    Server, possibly allowing remote attackers to execute arbitrary code, cause\n    a Denial of Service condition or perform man-in-the-middle attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6750.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6750.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6750","reference_id":"","reference_type":"","scores":[{"value":"0.82529","scoring_system":"epss","scoring_elements":"0.99222","published_at":"2026-04-01T12:55:00Z"},{"value":"0.82529","scoring_system":"epss","scoring_elements":"0.99223","published_at":"2026-04-02T12:55:00Z"},{"value":"0.82529","scoring_system":"epss","scoring_elements":"0.99226","published_at":"2026-04-04T12:55:00Z"},{"value":"0.82529","scoring_system":"epss","scoring_elements":"0.9923","published_at":"2026-04-07T12:55:00Z"},{"value":"0.82529","scoring_system":"epss","scoring_elements":"0.99231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.82529","scoring_system":"epss","scoring_elements":"0.99232","published_at":"2026-04-12T12:55:00Z"},{"value":"0.82529","scoring_system":"epss","scoring_elements":"0.99233","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=508238","reference_id":"508238","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=508238"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=533661","reference_id":"533661","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=533661"},{"reference_url":"https://security.gentoo.org/glsa/201309-12","reference_id":"GLSA-201309-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586264?format=json","purl":"pkg:deb/debian/apache2@2.2.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-6750"],"risk_score":1.4,"exploitability":"2.0","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h6km-ryp2-6ufa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3866?format=json","vulnerability_id":"VCID-ha7f-21gy-3qa2","summary":"Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server.\n\nThis issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63.\n\nUsers are recommended to upgrade to version 2.4.64, which fixes the issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53020.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53020.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53020","reference_id":"","reference_type":"","scores":[{"value":"0.00918","scoring_system":"epss","scoring_elements":"0.75875","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00918","scoring_system":"epss","scoring_elements":"0.75907","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01211","scoring_system":"epss","scoring_elements":"0.78995","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01211","scoring_system":"epss","scoring_elements":"0.78997","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01211","scoring_system":"epss","scoring_elements":"0.79021","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01211","scoring_system":"epss","scoring_elements":"0.79006","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01211","scoring_system":"epss","scoring_elements":"0.78966","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01211","scoring_system":"epss","scoring_elements":"0.7899","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53020"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53020","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53020"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379343","reference_id":"2379343","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379343"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2025-53020.json","reference_id":"CVE-2025-53020","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2025-53020.json"},{"reference_url":"https://usn.ubuntu.com/7639-1/","reference_id":"USN-7639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-1/"},{"reference_url":"https://usn.ubuntu.com/7639-2/","reference_id":"USN-7639-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584089?format=json","purl":"pkg:deb/debian/apache2@2.4.64-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.64-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584090?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584091?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2025-53020"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ha7f-21gy-3qa2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3821?format=json","vulnerability_id":"VCID-hj5r-jms3-x3fe","summary":"While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing,\nallowing an external source to DoS the server. This requires a specially crafted request. \n\nThe vulnerability was recently introduced in version 2.4.49. No exploit is known to the project.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41524.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41524.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41524","reference_id":"","reference_type":"","scores":[{"value":"0.07103","scoring_system":"epss","scoring_elements":"0.91488","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07103","scoring_system":"epss","scoring_elements":"0.91533","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07103","scoring_system":"epss","scoring_elements":"0.91534","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07103","scoring_system":"epss","scoring_elements":"0.91535","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07103","scoring_system":"epss","scoring_elements":"0.91495","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07103","scoring_system":"epss","scoring_elements":"0.91502","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07103","scoring_system":"epss","scoring_elements":"0.9151","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07103","scoring_system":"epss","scoring_elements":"0.91523","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07103","scoring_system":"epss","scoring_elements":"0.91529","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41524"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2010934","reference_id":"2010934","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2010934"},{"reference_url":"https://security.archlinux.org/AVG-2442","reference_id":"AVG-2442","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2442"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-41524.json","reference_id":"CVE-2021-41524","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-41524.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7143","reference_id":"RHSA-2022:7143","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7143"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7144","reference_id":"RHSA-2022:7144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7144"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585412?format=json","purl":"pkg:deb/debian/apache2@2.4.50-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.50-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-41524"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hj5r-jms3-x3fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3836?format=json","vulnerability_id":"VCID-hm3f-m22n-u3gy","summary":"Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30556.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30556.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30556","reference_id":"","reference_type":"","scores":[{"value":"0.00506","scoring_system":"epss","scoring_elements":"0.66229","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00506","scoring_system":"epss","scoring_elements":"0.66253","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00506","scoring_system":"epss","scoring_elements":"0.66273","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00506","scoring_system":"epss","scoring_elements":"0.6626","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00506","scoring_system":"epss","scoring_elements":"0.66195","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00506","scoring_system":"epss","scoring_elements":"0.66222","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00506","scoring_system":"epss","scoring_elements":"0.66192","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00506","scoring_system":"epss","scoring_elements":"0.6624","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513","reference_id":"1012513","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095018","reference_id":"2095018","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095018"},{"reference_url":"https://security.archlinux.org/AVG-2763","reference_id":"AVG-2763","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2763"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-30556.json","reference_id":"CVE-2022-30556","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2022-30556.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7647","reference_id":"RHSA-2022:7647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8067","reference_id":"RHSA-2022:8067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8067"},{"reference_url":"https://usn.ubuntu.com/5487-1/","reference_id":"USN-5487-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-1/"},{"reference_url":"https://usn.ubuntu.com/5487-3/","reference_id":"USN-5487-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583306?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583307?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-30556"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hm3f-m22n-u3gy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3839?format=json","vulnerability_id":"VCID-htfx-mahy-9kde","summary":"Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37436.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37436.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37436","reference_id":"","reference_type":"","scores":[{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.64237","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.64235","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.64196","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.64246","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.64262","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.64275","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.64264","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00463","scoring_system":"epss","scoring_elements":"0.64208","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37436"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-20001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37436"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27522"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2161773","reference_id":"2161773","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2161773"},{"reference_url":"https://security.archlinux.org/AVG-2824","reference_id":"AVG-2824","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2824"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-37436.json","reference_id":"CVE-2022-37436","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2022-37436.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0852","reference_id":"RHSA-2023:0852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0970","reference_id":"RHSA-2023:0970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0970"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4628","reference_id":"RHSA-2023:4628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4629","reference_id":"RHSA-2023:4629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4629"},{"reference_url":"https://usn.ubuntu.com/5839-1/","reference_id":"USN-5839-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5839-1/"},{"reference_url":"https://usn.ubuntu.com/5839-2/","reference_id":"USN-5839-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5839-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582331?format=json","purl":"pkg:deb/debian/apache2@2.4.55-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.55-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582332?format=json","purl":"pkg:deb/debian/apache2@2.4.56-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.56-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-37436"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-htfx-mahy-9kde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3690?format=json","vulnerability_id":"VCID-j3mb-97k1-uuh9","summary":"A flaw was found in the mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.","references":[{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=186219","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=186219"},{"reference_url":"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112","reference_id":"","reference_type":"","scores":[],"url":"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245112"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_13.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_13.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_20.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_20.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html"},{"reference_url":"http://lists.vmware.com/pipermail/security-announce/2009/000062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.vmware.com/pipermail/security-announce/2009/000062.html"},{"reference_url":"http://osvdb.org/37052","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/37052"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2007-0534.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2007-0534.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2007-0556.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2007-0556.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5752.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5752.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-5752","reference_id":"","reference_type":"","scores":[{"value":"0.18368","scoring_system":"epss","scoring_elements":"0.95226","published_at":"2026-04-13T12:55:00Z"},{"value":"0.18368","scoring_system":"epss","scoring_elements":"0.95189","published_at":"2026-04-01T12:55:00Z"},{"value":"0.18368","scoring_system":"epss","scoring_elements":"0.95218","published_at":"2026-04-09T12:55:00Z"},{"value":"0.18368","scoring_system":"epss","scoring_elements":"0.95223","published_at":"2026-04-12T12:55:00Z"},{"value":"0.18368","scoring_system":"epss","scoring_elements":"0.95201","published_at":"2026-04-02T12:55:00Z"},{"value":"0.18368","scoring_system":"epss","scoring_elements":"0.95203","published_at":"2026-04-04T12:55:00Z"},{"value":"0.18368","scoring_system":"epss","scoring_elements":"0.95206","published_at":"2026-04-07T12:55:00Z"},{"value":"0.18368","scoring_system":"epss","scoring_elements":"0.95214","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-5752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752"},{"reference_url":"http://secunia.com/advisories/25827","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25827"},{"reference_url":"http://secunia.com/advisories/25830","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25830"},{"reference_url":"http://secunia.com/advisories/25873","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25873"},{"reference_url":"http://secunia.com/advisories/25920","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25920"},{"reference_url":"http://secunia.com/advisories/26273","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26273"},{"reference_url":"http://secunia.com/advisories/26443","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26443"},{"reference_url":"http://secunia.com/advisories/26458","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26458"},{"reference_url":"http://secunia.com/advisories/26508","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26508"},{"reference_url":"http://secunia.com/advisories/26822","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26822"},{"reference_url":"http://secunia.com/advisories/26842","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26842"},{"reference_url":"http://secunia.com/advisories/26993","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26993"},{"reference_url":"http://secunia.com/advisories/27037","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/27037"},{"reference_url":"http://secunia.com/advisories/27563","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/27563"},{"reference_url":"http://secunia.com/advisories/27732","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/27732"},{"reference_url":"http://secunia.com/advisories/28212","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/28212"},{"reference_url":"http://secunia.com/advisories/28224","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/28224"},{"reference_url":"http://secunia.com/advisories/28606","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/28606"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200711-06.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200711-06.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/35097","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/35097"},{"reference_url":"https://issues.rpath.com/browse/RPL-1500","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1500"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10154","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10154"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2007-0533.html","reference_id":"","reference_type":"","scores":[],"url":"https://rhn.redhat.com/errata/RHSA-2007-0533.html"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm"},{"reference_url":"http://svn.apache.org/viewvc?view=rev&revision=549159","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=rev&revision=549159"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702"},{"reference_url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PK49295&apar=only","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PK49295&apar=only"},{"reference_url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:141","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:141"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:142"},{"reference_url":"http://www.novell.com/linux/security/advisories/2007_61_apache2.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2007_61_apache2.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"},{"reference_url":"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0532.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0532.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0557.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0557.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0261.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0261.html"},{"reference_url":"http://www.securityfocus.com/archive/1/505990/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/505990/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/24645","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/24645"},{"reference_url":"http://www.securitytracker.com/id?1018302","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1018302"},{"reference_url":"http://www.trustix.org/errata/2007/0026/","reference_id":"","reference_type":"","scores":[],"url":"http://www.trustix.org/errata/2007/0026/"},{"reference_url":"http://www.ubuntu.com/usn/usn-499-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-499-1"},{"reference_url":"http://www.vupen.com/english/advisories/2007/2727","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/2727"},{"reference_url":"http://www.vupen.com/english/advisories/2007/3283","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/3283"},{"reference_url":"http://www.vupen.com/english/advisories/2007/3386","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/3386"},{"reference_url":"http://www.vupen.com/english/advisories/2007/4305","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/4305"},{"reference_url":"http://www.vupen.com/english/advisories/2008/0233","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/0233"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=245112","reference_id":"245112","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=245112"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2006-5752.json","reference_id":"CVE-2006-5752","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2006-5752.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2006-5752","reference_id":"CVE-2006-5752","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-5752"},{"reference_url":"https://security.gentoo.org/glsa/200711-06","reference_id":"GLSA-200711-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0532","reference_id":"RHSA-2007:0532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0533","reference_id":"RHSA-2007:0533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0534","reference_id":"RHSA-2007:0534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0556","reference_id":"RHSA-2007:0556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0557","reference_id":"RHSA-2007:0557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0263","reference_id":"RHSA-2008:0263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/499-1/","reference_id":"USN-499-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/499-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585269?format=json","purl":"pkg:deb/debian/apache2@2.2.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2006-5752"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j3mb-97k1-uuh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47?format=json","vulnerability_id":"VCID-jau7-gfz8-dkfa","summary":"The renegotiation vulnerability in SSL protocol","references":[{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://archives.neohapsis.com/archives/bugtraq/2013-11/0120.html"},{"reference_url":"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html"},{"reference_url":"http://blogs.iss.net/archive/sslmitmiscsrf.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://blogs.iss.net/archive/sslmitmiscsrf.html"},{"reference_url":"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://blogs.sun.com/security/entry/vulnerability_in_tls_protocol_during"},{"reference_url":"http://clicky.me/tlsvuln","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://clicky.me/tlsvuln"},{"reference_url":"http://extendedsubset.com/?p=8","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://extendedsubset.com/?p=8"},{"reference_url":"http://extendedsubset.com/Renegotiating_TLS.pdf","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://extendedsubset.com/Renegotiating_TLS.pdf"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01945686"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02436041"},{"reference_url":"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"},{"reference_url":"http://kbase.redhat.com/faq/docs/DOC-20491","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://kbase.redhat.com/faq/docs/DOC-20491"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2010//May/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2010//May/msg00002.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039957.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040652.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html"},{"reference_url":"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.gnu.org/archive/html/gnutls-devel/2009-11/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"},{"reference_url":"http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=apache-httpd-announce&m=125755783724966&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=126150535619567&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=126150535619567&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=127128920008563&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=127128920008563&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=127419602507642&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=127419602507642&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=127557596201693&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=127557596201693&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=132077688910227&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=132077688910227&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=133469267822771&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=133469267822771&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=134254866602253&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=134254866602253&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=142660345230545&w=2"},{"reference_url":"http://marc.info/?l=cryptography&m=125752275331877&w=2","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=cryptography&m=125752275331877&w=2"},{"reference_url":"http://openbsd.org/errata45.html#010_openssl","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openbsd.org/errata45.html#010_openssl"},{"reference_url":"http://openbsd.org/errata46.html#004_openssl","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openbsd.org/errata46.html#004_openssl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1579","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2009:1579"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1580","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2009:1580"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1694","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2009:1694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0011","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0119","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0130","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0155","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0162","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0163","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0164","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0165","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0166","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0167","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0337","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0338","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0339","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0408","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0440","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0768","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0770","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0770"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0786","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0807","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0865","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0986","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0986"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0987","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2010:0987"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0880","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2011:0880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1591","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2015:1591"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3555.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2009-3555","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2009-3555"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3555","reference_id":"","reference_type":"","scores":[{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84701","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84628","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84642","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84662","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84664","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84686","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84693","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84711","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02288","scoring_system":"epss","scoring_elements":"0.84707","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3555"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=526689","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=526689"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=545755","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=545755"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=533125","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=533125"},{"reference_url":"https://bz.apache.org/bugzilla/show_bug.cgi?id=50325","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bz.apache.org/bugzilla/show_bug.cgi?id=50325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566"},{"reference_url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-049"},{"reference_url":"http://seclists.org/fulldisclosure/2009/Nov/139","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2009/Nov/139"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200912-01.xml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://security.gentoo.org/glsa/glsa-200912-01.xml"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201203-22.xml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://security.gentoo.org/glsa/glsa-201203-22.xml"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201406-32.xml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://security.gentoo.org/glsa/glsa-201406-32.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54158"},{"reference_url":"https://github.com/apache/tomcat","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat"},{"reference_url":"https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/tomcat55/commit/359c7ee17f5759cc99988e1cc9e971fe4a6ffad5"},{"reference_url":"https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/14e4efd925da58b9fa63f20969fb7349b8a9c30d"},{"reference_url":"https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/2d4ca03acc27cc883c404d1745d92f983b6fada3"},{"reference_url":"https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/30af3f5630542a2340781f66553e734a6fd69701"},{"reference_url":"https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/328a523cbb2a2d4cd55283180614d4e03e2f8f02"},{"reference_url":"https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/3d315ac9dfaa2c03b4df82938d78bf5b755766b3"},{"reference_url":"https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/56f67141e82e16f68a860c3af9b7342da35cbe7d"},{"reference_url":"https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/b4e9488629bf03b4b65abf335e536e85386d1366"},{"reference_url":"https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/apache/tomcat/commit/df9633116b5fec8f47f1f008fb89a6e9d5895cd0"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"},{"reference_url":"https://kb.bluecoat.com/index?page=content&id=SA50","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://kb.bluecoat.com/index?page=content&id=SA50"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.597446"},{"reference_url":"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d@<dev.tomcat.apache.org>"},{"reference_url":"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@<dev.tomcat.apache.org>"},{"reference_url":"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@<dev.tomcat.apache.org>"},{"reference_url":"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d@<dev.tomcat.apache.org>"},{"reference_url":"https://nginx.org/download/patch.cve-2009-3555.txt","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.cve-2009-3555.txt"},{"reference_url":"https://nginx.org/download/patch.cve-2009-3555.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"https://nginx.org/download/patch.cve-2009-3555.txt.asc"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:10088"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11578"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:11617"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7315"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7478"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:7973"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8366"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:8535"},{"reference_url":"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.f5.com/kb/en-us/solutions/public/10000/700/sol10737.html"},{"reference_url":"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt"},{"reference_url":"https://tomcat.apache.org/security-5.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-5.html"},{"reference_url":"https://tomcat.apache.org/security-6.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-6.html"},{"reference_url":"https://tomcat.apache.org/security-7.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tomcat.apache.org/security-7.html"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-273350-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-273029-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-274990-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021653.1-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021752.1-1"},{"reference_url":"http://support.apple.com/kb/HT4004","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.apple.com/kb/HT4004"},{"reference_url":"http://support.apple.com/kb/HT4170","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.apple.com/kb/HT4170"},{"reference_url":"http://support.apple.com/kb/HT4171","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.apple.com/kb/HT4171"},{"reference_url":"http://support.avaya.com/css/P8/documents/100070150","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.avaya.com/css/P8/documents/100070150"},{"reference_url":"http://support.avaya.com/css/P8/documents/100081611","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.avaya.com/css/P8/documents/100081611"},{"reference_url":"http://support.avaya.com/css/P8/documents/100114315","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.avaya.com/css/P8/documents/100114315"},{"reference_url":"http://support.avaya.com/css/P8/documents/100114327","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.avaya.com/css/P8/documents/100114327"},{"reference_url":"http://support.citrix.com/article/CTX123359","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.citrix.com/article/CTX123359"},{"reference_url":"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.zeus.com/zws/media/docs/4.3/RELEASE_NOTES"},{"reference_url":"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.zeus.com/zws/news/2010/01/13/zws_4_3r5_released"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00634.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00645.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00944.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01020.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01029.html"},{"reference_url":"http://sysoev.ru/nginx/patch.cve-2009-3555.txt","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://sysoev.ru/nginx/patch.cve-2009-3555.txt"},{"reference_url":"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://tomcat.apache.org/native-doc/miscellaneous/changelog-1.1.x.html"},{"reference_url":"http://ubuntu.com/usn/usn-923-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://ubuntu.com/usn/usn-923-1"},{"reference_url":"http://wiki.rpath.com/Advisories:rPSA-2009-0155","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://wiki.rpath.com/Advisories:rPSA-2009-0155"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC67848"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68054"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IC68055"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM12247"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21426108","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21426108"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg21432298","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21432298"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg24006386","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg24006386"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg24025312","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg24025312"},{"reference_url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PM00675&apar=only"},{"reference_url":"http://www.arubanetworks.com/support/alerts/aid-020810.txt","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.arubanetworks.com/support/alerts/aid-020810.txt"},{"reference_url":"http://www.betanews.com/article/1257452450","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.betanews.com/article/1257452450"},{"reference_url":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b01d1d.shtml"},{"reference_url":"http://www.debian.org/security/2009/dsa-1934","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2009/dsa-1934"},{"reference_url":"http://www.debian.org/security/2011/dsa-2141","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2011/dsa-2141"},{"reference_url":"http://www.debian.org/security/2015/dsa-3253","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3253"},{"reference_url":"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html"},{"reference_url":"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-030/index.html"},{"reference_url":"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ietf.org/mail-archive/web/tls/current/msg03928.html"},{"reference_url":"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ietf.org/mail-archive/web/tls/current/msg03948.html"},{"reference_url":"http://www.ingate.com/Relnote.php?ver=481","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ingate.com/Relnote.php?ver=481"},{"reference_url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"},{"reference_url":"http://www.kb.cert.org/vuls/id/120541","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.kb.cert.org/vuls/id/120541"},{"reference_url":"http://www.links.org/?p=780","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.links.org/?p=780"},{"reference_url":"http://www.links.org/?p=786","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.links.org/?p=786"},{"reference_url":"http://www.links.org/?p=789","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.links.org/?p=789"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:084"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:089"},{"reference_url":"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.mozilla.org/security/announce/2010/mfsa2010-22.html"},{"reference_url":"http://www.openoffice.org/security/cves/CVE-2009-3555.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openoffice.org/security/cves/CVE-2009-3555.html"},{"reference_url":"http://www.openssl.org/news/secadv_20091111.txt","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openssl.org/news/secadv_20091111.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/05/3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/11/05/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/05/5","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/11/05/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/06/3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/11/06/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/07/3","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/11/07/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/20/1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/11/20/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2009/11/23/10","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2009/11/23/10"},{"reference_url":"http://www.opera.com/docs/changelogs/unix/1060","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.opera.com/docs/changelogs/unix/1060"},{"reference_url":"http://www.opera.com/support/search/view/944","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.opera.com/support/search/view/944"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html"},{"reference_url":"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.proftpd.org/docs/RELEASE_NOTES-1.3.2c"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0119.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0119.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0130.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0130.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0155.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0155.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0165.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0165.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0167.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0167.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0337.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0337.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0338.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0338.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0339.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0339.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0768.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0768.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0770.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0770.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0786.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0786.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0807.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0807.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0865.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0865.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0986.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0986.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0987.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0987.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0880.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2011-0880.html"},{"reference_url":"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securegoose.org/2009/11/tls-renegotiation-vulnerability-cve.html"},{"reference_url":"http://www.tombom.co.uk/blog/?p=85","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.tombom.co.uk/blog/?p=85"},{"reference_url":"http://www.ubuntu.com/usn/USN-1010-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-1010-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-927-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-927-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-927-4","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-927-4"},{"reference_url":"http://www.ubuntu.com/usn/USN-927-5","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-927-5"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.us-cert.gov/cas/techalerts/TA10-222A.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA10-287A.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.us-cert.gov/cas/techalerts/TA10-287A.html"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2010-0019.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vmware.com/security/advisories/VMSA-2010-0019.html"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2011-0003.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vmware.com/security/advisories/VMSA-2011-0003.html"},{"reference_url":"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649","reference_id":"765649","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py","reference_id":"CVE-2009-3555","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10579.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3555","reference_id":"CVE-2009-3555","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-3555"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt","reference_id":"CVE-2009-3555;OSVDB-59970","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10071.txt"},{"reference_url":"https://www.securityfocus.com/bid/35888/info","reference_id":"CVE-2009-3555;OSVDB-59970","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/35888/info"},{"reference_url":"https://github.com/advisories/GHSA-f7w7-6pjc-wwm6","reference_id":"GHSA-f7w7-6pjc-wwm6","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f7w7-6pjc-wwm6"},{"reference_url":"https://security.gentoo.org/glsa/200912-01","reference_id":"GLSA-200912-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200912-01"},{"reference_url":"https://security.gentoo.org/glsa/201006-18","reference_id":"GLSA-201006-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-18"},{"reference_url":"https://security.gentoo.org/glsa/201110-05","reference_id":"GLSA-201110-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-05"},{"reference_url":"https://security.gentoo.org/glsa/201203-22","reference_id":"GLSA-201203-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-22"},{"reference_url":"https://security.gentoo.org/glsa/201206-18","reference_id":"GLSA-201206-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-18"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://security.gentoo.org/glsa/201309-15","reference_id":"GLSA-201309-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-15"},{"reference_url":"https://security.gentoo.org/glsa/201311-13","reference_id":"GLSA-201311-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-13"},{"reference_url":"https://security.gentoo.org/glsa/201406-32","reference_id":"GLSA-201406-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-32"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2010-22","reference_id":"mfsa2010-22","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2010-22"},{"reference_url":"https://usn.ubuntu.com/1010-1/","reference_id":"USN-1010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1010-1/"},{"reference_url":"https://usn.ubuntu.com/860-1/","reference_id":"USN-860-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/860-1/"},{"reference_url":"https://usn.ubuntu.com/923-1/","reference_id":"USN-923-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/923-1/"},{"reference_url":"https://usn.ubuntu.com/927-1/","reference_id":"USN-927-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/927-1/"},{"reference_url":"https://usn.ubuntu.com/927-4/","reference_id":"USN-927-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/927-4/"},{"reference_url":"https://usn.ubuntu.com/927-6/","reference_id":"USN-927-6","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/927-6/"},{"reference_url":"https://usn.ubuntu.com/990-1/","reference_id":"USN-990-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/990-1/"},{"reference_url":"https://usn.ubuntu.com/990-2/","reference_id":"USN-990-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/990-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583564?format=json","purl":"pkg:deb/debian/apache2@2.2.14-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.14-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2009-3555","GHSA-f7w7-6pjc-wwm6","VU#120541"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jau7-gfz8-dkfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3773?format=json","vulnerability_id":"VCID-jt89-ruvk-1kbj","summary":"The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments. by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9788","reference_id":"","reference_type":"","scores":[{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97921","published_at":"2026-04-01T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97944","published_at":"2026-04-13T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97934","published_at":"2026-04-08T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97937","published_at":"2026-04-09T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97941","published_at":"2026-04-11T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97942","published_at":"2026-04-12T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97924","published_at":"2026-04-02T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97926","published_at":"2026-04-04T12:55:00Z"},{"value":"0.52641","scoring_system":"epss","scoring_elements":"0.97929","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:P"},{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470748","reference_id":"1470748","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470748"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467","reference_id":"868467","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467"},{"reference_url":"https://security.archlinux.org/ASA-201707-15","reference_id":"ASA-201707-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-15"},{"reference_url":"https://security.archlinux.org/AVG-350","reference_id":"AVG-350","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-350"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-9788.json","reference_id":"CVE-2017-9788","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-9788.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2478","reference_id":"RHSA-2017:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2708","reference_id":"RHSA-2017:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2709","reference_id":"RHSA-2017:2709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2710","reference_id":"RHSA-2017:2710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3239","reference_id":"RHSA-2017:3239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3240","reference_id":"RHSA-2017:3240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3240"},{"reference_url":"https://usn.ubuntu.com/3370-1/","reference_id":"USN-3370-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3370-1/"},{"reference_url":"https://usn.ubuntu.com/3370-2/","reference_id":"USN-3370-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3370-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586576?format=json","purl":"pkg:deb/debian/apache2@2.4.27-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.27-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2017-9788"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jt89-ruvk-1kbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57281?format=json","vulnerability_id":"VCID-jvhf-ecm7-fbb8","summary":"Multiple vulnerabilities have been discovered in Apache, possibly resulting\n    in a Denial of Service or the disclosure of sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4465.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4465","reference_id":"","reference_type":"","scores":[{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.8604","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.85976","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.85987","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.86032","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.86023","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.86003","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.86004","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.86044","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02772","scoring_system":"epss","scoring_elements":"0.86046","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4465"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465"},{"reference_url":"http://www.securityfocus.com/bid/25653","reference_id":"25653","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.securityfocus.com/bid/25653"},{"reference_url":"http://secunia.com/advisories/26952","reference_id":"26952","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/26952"},{"reference_url":"http://secunia.com/advisories/28467","reference_id":"28467","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/28467"},{"reference_url":"http://secunia.com/advisories/28471","reference_id":"28471","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/28471"},{"reference_url":"http://secunia.com/advisories/28607","reference_id":"28607","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/28607"},{"reference_url":"http://secunia.com/advisories/28749","reference_id":"28749","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/28749"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=289511","reference_id":"289511","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=289511"},{"reference_url":"http://securityreason.com/securityalert/3113","reference_id":"3113","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://securityreason.com/securityalert/3113"},{"reference_url":"http://secunia.com/advisories/33105","reference_id":"33105","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://secunia.com/advisories/33105"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36586","reference_id":"36586","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36586"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453783","reference_id":"453783","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453783"},{"reference_url":"http://securityreason.com/achievement_securityalert/46","reference_id":"46","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://securityreason.com/achievement_securityalert/46"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:014","reference_id":"advisories?name=MDVSA-2008:014","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:014"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm","reference_id":"ASA-2008-032.htm","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.2.6","reference_id":"CHANGES_2.2.6","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.apache.org/dist/httpd/CHANGES_2.2.6"},{"reference_url":"https://security.gentoo.org/glsa/200711-06","reference_id":"GLSA-200711-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-06"},{"reference_url":"http://securitytracker.com/id?1019194","reference_id":"id?1019194","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://securitytracker.com/id?1019194"},{"reference_url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html","reference_id":"interstage-200807e.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00353.html","reference_id":"msg00353.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00353.html"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10929","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A10929","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10929"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6089","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A6089","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6089"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0911","reference_id":"RHSA-2007:0911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0911"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0911.html","reference_id":"RHSA-2007-0911.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2007-0911.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0004.html","reference_id":"RHSA-2008-0004.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0004.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0005.html","reference_id":"RHSA-2008-0005.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0005.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0006.html","reference_id":"RHSA-2008-0006.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0006.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0008.html","reference_id":"RHSA-2008-0008.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0008.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"http://www.securityfocus.com/archive/1/479237/100/0/threaded","reference_id":"threaded","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.securityfocus.com/archive/1/479237/100/0/threaded"},{"reference_url":"http://www.ubuntu.com/usn/usn-575-1","reference_id":"usn-575-1","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-05T17:42:37Z/"}],"url":"http://www.ubuntu.com/usn/usn-575-1"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583943?format=json","purl":"pkg:deb/debian/apache2@2.2.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-4465"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jvhf-ecm7-fbb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3779?format=json","vulnerability_id":"VCID-jzuw-73df-mfff","summary":"A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.33, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1301.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1301.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1301","reference_id":"","reference_type":"","scores":[{"value":"0.07499","scoring_system":"epss","scoring_elements":"0.91755","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07499","scoring_system":"epss","scoring_elements":"0.91798","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07499","scoring_system":"epss","scoring_elements":"0.91797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07499","scoring_system":"epss","scoring_elements":"0.918","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07499","scoring_system":"epss","scoring_elements":"0.91802","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07499","scoring_system":"epss","scoring_elements":"0.91764","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07499","scoring_system":"epss","scoring_elements":"0.9177","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07499","scoring_system":"epss","scoring_elements":"0.91777","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07499","scoring_system":"epss","scoring_elements":"0.9179","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560643","reference_id":"1560643","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560643"},{"reference_url":"https://security.archlinux.org/ASA-201804-4","reference_id":"ASA-201804-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201804-4"},{"reference_url":"https://security.archlinux.org/AVG-664","reference_id":"AVG-664","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-664"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2018-1301.json","reference_id":"CVE-2018-1301","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2018-1301.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0366","reference_id":"RHSA-2019:0366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0367","reference_id":"RHSA-2019:0367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1121","reference_id":"RHSA-2020:1121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1121"},{"reference_url":"https://usn.ubuntu.com/3627-1/","reference_id":"USN-3627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3627-1/"},{"reference_url":"https://usn.ubuntu.com/3627-2/","reference_id":"USN-3627-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3627-2/"},{"reference_url":"https://usn.ubuntu.com/3937-2/","reference_id":"USN-3937-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3937-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584735?format=json","purl":"pkg:deb/debian/apache2@2.4.33-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.33-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2018-1301"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jzuw-73df-mfff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3758?format=json","vulnerability_id":"VCID-k4kb-21tp-4kc8","summary":"An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3183","reference_id":"","reference_type":"","scores":[{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96477","published_at":"2026-04-01T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96489","published_at":"2026-04-04T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96494","published_at":"2026-04-07T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96502","published_at":"2026-04-08T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96505","published_at":"2026-04-09T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96508","published_at":"2026-04-12T12:55:00Z"},{"value":"0.28343","scoring_system":"epss","scoring_elements":"0.96511","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1243887","reference_id":"1243887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1243887"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2015-3183.json","reference_id":"CVE-2015-3183","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2015-3183.json"},{"reference_url":"https://security.gentoo.org/glsa/201610-02","reference_id":"GLSA-201610-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1666","reference_id":"RHSA-2015:1666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1666"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1667","reference_id":"RHSA-2015:1667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1668","reference_id":"RHSA-2015:1668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1668"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2661","reference_id":"RHSA-2015:2661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0061","reference_id":"RHSA-2016:0061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0062","reference_id":"RHSA-2016:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2054","reference_id":"RHSA-2016:2054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2055","reference_id":"RHSA-2016:2055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2056","reference_id":"RHSA-2016:2056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2056"},{"reference_url":"https://usn.ubuntu.com/2686-1/","reference_id":"USN-2686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2686-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585865?format=json","purl":"pkg:deb/debian/apache2@2.4.16-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.16-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2015-3183"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k4kb-21tp-4kc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3827?format=json","vulnerability_id":"VCID-k4nk-qqxg-s7e6","summary":"Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22720.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22720.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22720","reference_id":"","reference_type":"","scores":[{"value":"0.27458","scoring_system":"epss","scoring_elements":"0.96418","published_at":"2026-04-13T12:55:00Z"},{"value":"0.27458","scoring_system":"epss","scoring_elements":"0.96414","published_at":"2026-04-11T12:55:00Z"},{"value":"0.27458","scoring_system":"epss","scoring_elements":"0.96415","published_at":"2026-04-12T12:55:00Z"},{"value":"0.27458","scoring_system":"epss","scoring_elements":"0.9639","published_at":"2026-04-02T12:55:00Z"},{"value":"0.27458","scoring_system":"epss","scoring_elements":"0.96395","published_at":"2026-04-04T12:55:00Z"},{"value":"0.27458","scoring_system":"epss","scoring_elements":"0.96398","published_at":"2026-04-07T12:55:00Z"},{"value":"0.27458","scoring_system":"epss","scoring_elements":"0.96407","published_at":"2026-04-08T12:55:00Z"},{"value":"0.27458","scoring_system":"epss","scoring_elements":"0.96409","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22720"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22720","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22720"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064321","reference_id":"2064321","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064321"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-22720.json","reference_id":"CVE-2022-22720","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2022-22720.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1045","reference_id":"RHSA-2022:1045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1049","reference_id":"RHSA-2022:1049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1072","reference_id":"RHSA-2022:1072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1075","reference_id":"RHSA-2022:1075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1080","reference_id":"RHSA-2022:1080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1102","reference_id":"RHSA-2022:1102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1136","reference_id":"RHSA-2022:1136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1137","reference_id":"RHSA-2022:1137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1138","reference_id":"RHSA-2022:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1139","reference_id":"RHSA-2022:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1173","reference_id":"RHSA-2022:1173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1389","reference_id":"RHSA-2022:1389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1390","reference_id":"RHSA-2022:1390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1390"},{"reference_url":"https://usn.ubuntu.com/5333-1/","reference_id":"USN-5333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5333-1/"},{"reference_url":"https://usn.ubuntu.com/5333-2/","reference_id":"USN-5333-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5333-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583022?format=json","purl":"pkg:deb/debian/apache2@2.4.53-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.53-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583023?format=json","purl":"pkg:deb/debian/apache2@2.4.53-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.53-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-22720"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k4nk-qqxg-s7e6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3686?format=json","vulnerability_id":"VCID-kcwg-hswv-2uf7","summary":"A flaw in mod_imap when using the Referer directive with image maps. In certain site configurations a remote attacker could perform a cross-site scripting attack if a victim can be forced to visit a malicious URL using certain web browsers.","references":[{"reference_url":"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U","reference_id":"","reference_type":"","scores":[],"url":"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"},{"reference_url":"http://docs.info.apple.com/article.html?artnum=307562","reference_id":"","reference_type":"","scores":[],"url":"http://docs.info.apple.com/article.html?artnum=307562"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"},{"reference_url":"http://issues.apache.org/bugzilla/show_bug.cgi?id=37874","reference_id":"","reference_type":"","scores":[],"url":"http://issues.apache.org/bugzilla/show_bug.cgi?id=37874"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"},{"reference_url":"http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html"},{"reference_url":"http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2006-0159.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2006-0159.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2006-0692.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2006-0692.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3352.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3352.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3352","reference_id":"","reference_type":"","scores":[{"value":"0.25577","scoring_system":"epss","scoring_elements":"0.96231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.25577","scoring_system":"epss","scoring_elements":"0.96193","published_at":"2026-04-01T12:55:00Z"},{"value":"0.25577","scoring_system":"epss","scoring_elements":"0.9623","published_at":"2026-04-11T12:55:00Z"},{"value":"0.25577","scoring_system":"epss","scoring_elements":"0.96229","published_at":"2026-04-12T12:55:00Z"},{"value":"0.25577","scoring_system":"epss","scoring_elements":"0.96201","published_at":"2026-04-02T12:55:00Z"},{"value":"0.25577","scoring_system":"epss","scoring_elements":"0.96208","published_at":"2026-04-04T12:55:00Z"},{"value":"0.25577","scoring_system":"epss","scoring_elements":"0.96213","published_at":"2026-04-07T12:55:00Z"},{"value":"0.25577","scoring_system":"epss","scoring_elements":"0.96222","published_at":"2026-04-08T12:55:00Z"},{"value":"0.25577","scoring_system":"epss","scoring_elements":"0.96226","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352"},{"reference_url":"http://secunia.com/advisories/17319","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17319"},{"reference_url":"http://secunia.com/advisories/18008","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18008"},{"reference_url":"http://secunia.com/advisories/18333","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18333"},{"reference_url":"http://secunia.com/advisories/18339","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18339"},{"reference_url":"http://secunia.com/advisories/18340","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18340"},{"reference_url":"http://secunia.com/advisories/18429","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18429"},{"reference_url":"http://secunia.com/advisories/18517","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18517"},{"reference_url":"http://secunia.com/advisories/18526","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18526"},{"reference_url":"http://secunia.com/advisories/18585","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18585"},{"reference_url":"http://secunia.com/advisories/18743","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18743"},{"reference_url":"http://secunia.com/advisories/19012","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19012"},{"reference_url":"http://secunia.com/advisories/20046","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/20046"},{"reference_url":"http://secunia.com/advisories/20670","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/20670"},{"reference_url":"http://secunia.com/advisories/21744","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/21744"},{"reference_url":"http://secunia.com/advisories/22140","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/22140"},{"reference_url":"http://secunia.com/advisories/22368","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/22368"},{"reference_url":"http://secunia.com/advisories/22388","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/22388"},{"reference_url":"http://secunia.com/advisories/22669","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/22669"},{"reference_url":"http://secunia.com/advisories/23260","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/23260"},{"reference_url":"http://secunia.com/advisories/25239","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25239"},{"reference_url":"http://secunia.com/advisories/29420","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/29420"},{"reference_url":"http://secunia.com/advisories/29849","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/29849"},{"reference_url":"http://secunia.com/advisories/30430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30430"},{"reference_url":"http://securitytracker.com/id?1015344","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1015344"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.470158"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.685483"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10480"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102663-1"},{"reference_url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PK16139&apar=only"},{"reference_url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PK25355&apar=only"},{"reference_url":"http://www.debian.org/security/2006/dsa-1167","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2006/dsa-1167"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml"},{"reference_url":"http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007","reference_id":"","reference_type":"","scores":[],"url":"http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:007"},{"reference_url":"http://www.novell.com/linux/security/advisories/2006_43_apache.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2006_43_apache.html"},{"reference_url":"http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.openpkg.org/security/OpenPKG-SA-2005.029-apache.txt"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"},{"reference_url":"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2006-0158.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2006-0158.html"},{"reference_url":"http://www.securityfocus.com/archive/1/425399/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/425399/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/445206/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/445206/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/450315/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/450315/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/450321/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/450321/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/15834","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/15834"},{"reference_url":"http://www.trustix.org/errata/2005/0074/","reference_id":"","reference_type":"","scores":[],"url":"http://www.trustix.org/errata/2005/0074/"},{"reference_url":"http://www.ubuntulinux.org/usn/usn-241-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntulinux.org/usn/usn-241-1"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-150A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-150A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2005/2870","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2005/2870"},{"reference_url":"http://www.vupen.com/english/advisories/2006/2423","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/2423"},{"reference_url":"http://www.vupen.com/english/advisories/2006/3995","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/3995"},{"reference_url":"http://www.vupen.com/english/advisories/2006/4015","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/4015"},{"reference_url":"http://www.vupen.com/english/advisories/2006/4300","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/4300"},{"reference_url":"http://www.vupen.com/english/advisories/2006/4868","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/4868"},{"reference_url":"http://www.vupen.com/english/advisories/2008/0924/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/0924/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1246/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1246/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1697","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1697"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343467","reference_id":"343467","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=343467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430524","reference_id":"430524","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430524"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-3352.json","reference_id":"CVE-2005-3352","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-3352.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-3352","reference_id":"CVE-2005-3352","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-3352"},{"reference_url":"https://security.gentoo.org/glsa/200602-03","reference_id":"GLSA-200602-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200602-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:882","reference_id":"RHSA-2005:882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0158","reference_id":"RHSA-2006:0158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0159","reference_id":"RHSA-2006:0159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0692","reference_id":"RHSA-2006:0692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/241-1/","reference_id":"USN-241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584865?format=json","purl":"pkg:deb/debian/apache2@2.0.55-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.55-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2005-3352"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kcwg-hswv-2uf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3747?format=json","vulnerability_id":"VCID-ke1s-451y-p3cz","summary":"A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0098","reference_id":"","reference_type":"","scores":[{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.9738","published_at":"2026-04-13T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97357","published_at":"2026-04-01T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97363","published_at":"2026-04-02T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97367","published_at":"2026-04-04T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97368","published_at":"2026-04-07T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97375","published_at":"2026-04-08T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97376","published_at":"2026-04-09T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97378","published_at":"2026-04-11T12:55:00Z"},{"value":"0.4102","scoring_system":"epss","scoring_elements":"0.97379","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0098"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077871","reference_id":"1077871","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077871"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-0098.json","reference_id":"CVE-2014-0098","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-0098.json"},{"reference_url":"https://security.gentoo.org/glsa/201408-12","reference_id":"GLSA-201408-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0369","reference_id":"RHSA-2014:0369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0370","reference_id":"RHSA-2014:0370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0783","reference_id":"RHSA-2014:0783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0784","reference_id":"RHSA-2014:0784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0825","reference_id":"RHSA-2014:0825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0826","reference_id":"RHSA-2014:0826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0826"},{"reference_url":"https://usn.ubuntu.com/2152-1/","reference_id":"USN-2152-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2152-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585772?format=json","purl":"pkg:deb/debian/apache2@2.4.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2014-0098"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ke1s-451y-p3cz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3697?format=json","vulnerability_id":"VCID-kgpj-aexq-7kah","summary":"A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6388","reference_id":"","reference_type":"","scores":[{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.99353","published_at":"2026-04-13T12:55:00Z"},{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.99344","published_at":"2026-04-01T12:55:00Z"},{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.99345","published_at":"2026-04-02T12:55:00Z"},{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.99347","published_at":"2026-04-04T12:55:00Z"},{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.99348","published_at":"2026-04-07T12:55:00Z"},{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.9935","published_at":"2026-04-09T12:55:00Z"},{"value":"0.85047","scoring_system":"epss","scoring_elements":"0.99352","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6388"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427228","reference_id":"427228","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427228"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-6388.json","reference_id":"CVE-2007-6388","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-6388.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0007","reference_id":"RHSA-2008:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0263","reference_id":"RHSA-2008:0263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583259?format=json","purl":"pkg:deb/debian/apache2@2.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-6388"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kgpj-aexq-7kah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3774?format=json","vulnerability_id":"VCID-khfr-kgtb-rfam","summary":"When under stress, closing many connections, the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9789.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9789.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9789","reference_id":"","reference_type":"","scores":[{"value":"0.12192","scoring_system":"epss","scoring_elements":"0.93796","published_at":"2026-04-01T12:55:00Z"},{"value":"0.12192","scoring_system":"epss","scoring_elements":"0.93836","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12192","scoring_system":"epss","scoring_elements":"0.93818","published_at":"2026-04-07T12:55:00Z"},{"value":"0.12192","scoring_system":"epss","scoring_elements":"0.93827","published_at":"2026-04-08T12:55:00Z"},{"value":"0.12192","scoring_system":"epss","scoring_elements":"0.9383","published_at":"2026-04-09T12:55:00Z"},{"value":"0.12192","scoring_system":"epss","scoring_elements":"0.93835","published_at":"2026-04-12T12:55:00Z"},{"value":"0.12192","scoring_system":"epss","scoring_elements":"0.93805","published_at":"2026-04-02T12:55:00Z"},{"value":"0.12192","scoring_system":"epss","scoring_elements":"0.93814","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:P"},{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470750","reference_id":"1470750","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470750"},{"reference_url":"https://security.archlinux.org/ASA-201707-15","reference_id":"ASA-201707-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-15"},{"reference_url":"https://security.archlinux.org/AVG-350","reference_id":"AVG-350","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-350"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-9789.json","reference_id":"CVE-2017-9789","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-9789.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2017-9789"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-khfr-kgtb-rfam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3727?format=json","vulnerability_id":"VCID-kkfv-4jd1-bqdm","summary":"A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. This could be used in a denial of service attack. Advisory: CVE-2011-3192.txt","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3192","reference_id":"","reference_type":"","scores":[{"value":"0.90456","scoring_system":"epss","scoring_elements":"0.99604","published_at":"2026-04-02T12:55:00Z"},{"value":"0.90456","scoring_system":"epss","scoring_elements":"0.99605","published_at":"2026-04-04T12:55:00Z"},{"value":"0.90456","scoring_system":"epss","scoring_elements":"0.99606","published_at":"2026-04-07T12:55:00Z"},{"value":"0.90456","scoring_system":"epss","scoring_elements":"0.99607","published_at":"2026-04-13T12:55:00Z"},{"value":"0.90456","scoring_system":"epss","scoring_elements":"0.99608","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3192"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=732928","reference_id":"732928","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=732928"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3192.json","reference_id":"CVE-2011-3192","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3192.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c","reference_id":"CVE-2014-5329;OSVDB-74721;CVE-2011-3192","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl","reference_id":"CVE-2014-5329;OSVDB-74721;CVE-2011-3192","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1245","reference_id":"RHSA-2011:1245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1294","reference_id":"RHSA-2011:1294","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1294"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1300","reference_id":"RHSA-2011:1300","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1300"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1329","reference_id":"RHSA-2011:1329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1330","reference_id":"RHSA-2011:1330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1330"},{"reference_url":"https://usn.ubuntu.com/1199-1/","reference_id":"USN-1199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1199-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586252?format=json","purl":"pkg:deb/debian/apache2@2.2.19-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.19-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2011-3192"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kkfv-4jd1-bqdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3845?format=json","vulnerability_id":"VCID-kkuy-1j91-9bb2","summary":"When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.\n\nThis was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.\n\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45802.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45802.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45802","reference_id":"","reference_type":"","scores":[{"value":"0.01741","scoring_system":"epss","scoring_elements":"0.82453","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01741","scoring_system":"epss","scoring_elements":"0.82511","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01741","scoring_system":"epss","scoring_elements":"0.8252","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01741","scoring_system":"epss","scoring_elements":"0.82516","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01741","scoring_system":"epss","scoring_elements":"0.82471","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01741","scoring_system":"epss","scoring_elements":"0.82467","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01741","scoring_system":"epss","scoring_elements":"0.82495","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01741","scoring_system":"epss","scoring_elements":"0.82501","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243877","reference_id":"2243877","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243877"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2023-45802.json","reference_id":"CVE-2023-45802","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2023-45802.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7625","reference_id":"RHSA-2023:7625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7626","reference_id":"RHSA-2023:7626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2368","reference_id":"RHSA-2024:2368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2891","reference_id":"RHSA-2024:2891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3121","reference_id":"RHSA-2024:3121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3121"},{"reference_url":"https://usn.ubuntu.com/6506-1/","reference_id":"USN-6506-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6506-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582675?format=json","purl":"pkg:deb/debian/apache2@2.4.58-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.58-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582458?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582459?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2023-45802"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kkuy-1j91-9bb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3751?format=json","vulnerability_id":"VCID-kpew-rarv-83dg","summary":"A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0304.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0304.html"},{"reference_url":"http://advisories.mageia.org/MGASA-2014-0305.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0305.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=143403519711434&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143403519711434&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2"},{"reference_url":"http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1019.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1019.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1020.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1020.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1021.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1021.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0231","reference_id":"","reference_type":"","scores":[{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97547","published_at":"2026-04-13T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97523","published_at":"2026-04-01T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97541","published_at":"2026-04-09T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97544","published_at":"2026-04-11T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.9753","published_at":"2026-04-02T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97532","published_at":"2026-04-04T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97534","published_at":"2026-04-07T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97539","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231"},{"reference_url":"http://secunia.com/advisories/60536","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60536"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246","reference_id":"","reference_type":"","scores":[],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://puppet.com/security/cve/cve-2014-0231","reference_id":"","reference_type":"","scores":[],"url":"https://puppet.com/security/cve/cve-2014-0231"},{"reference_url":"https://support.apple.com/HT204659","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT204659"},{"reference_url":"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1482522&r2=1535125&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_cgid.c?r1=1565711&r2=1610509&diff_format=h"},{"reference_url":"http://www.debian.org/security/2014/dsa-2989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-2989"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"},{"reference_url":"http://www.securityfocus.com/bid/68742","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/68742"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120596","reference_id":"1120596","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120596"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-0231.json","reference_id":"CVE-2014-0231","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-0231.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0231","reference_id":"CVE-2014-0231","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0231"},{"reference_url":"https://security.gentoo.org/glsa/201504-03","reference_id":"GLSA-201504-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201504-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0920","reference_id":"RHSA-2014:0920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0921","reference_id":"RHSA-2014:0921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0922","reference_id":"RHSA-2014:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1019","reference_id":"RHSA-2014:1019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1020","reference_id":"RHSA-2014:1020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1021","reference_id":"RHSA-2014:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1086","reference_id":"RHSA-2014:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1087","reference_id":"RHSA-2014:1087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1088","reference_id":"RHSA-2014:1088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1088"},{"reference_url":"https://usn.ubuntu.com/2299-1/","reference_id":"USN-2299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2299-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582592?format=json","purl":"pkg:deb/debian/apache2@2.4.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2014-0231"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kpew-rarv-83dg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3761?format=json","vulnerability_id":"VCID-kv7f-t14h-2bfv","summary":"By manipulating the flow control windows on streams, a client was able to block server threads for long times, causing starvation of worker threads. Connections could still be opened, but no streams where processed for these. This issue affected HTTP/2 support in 2.4.17 and 2.4.18.","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1546.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1546.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1546","reference_id":"","reference_type":"","scores":[{"value":"0.41505","scoring_system":"epss","scoring_elements":"0.97407","published_at":"2026-04-13T12:55:00Z"},{"value":"0.41505","scoring_system":"epss","scoring_elements":"0.97382","published_at":"2026-04-01T12:55:00Z"},{"value":"0.41505","scoring_system":"epss","scoring_elements":"0.97403","published_at":"2026-04-09T12:55:00Z"},{"value":"0.41505","scoring_system":"epss","scoring_elements":"0.97405","published_at":"2026-04-11T12:55:00Z"},{"value":"0.41505","scoring_system":"epss","scoring_elements":"0.97406","published_at":"2026-04-12T12:55:00Z"},{"value":"0.41505","scoring_system":"epss","scoring_elements":"0.97389","published_at":"2026-04-02T12:55:00Z"},{"value":"0.41505","scoring_system":"epss","scoring_elements":"0.97394","published_at":"2026-04-04T12:55:00Z"},{"value":"0.41505","scoring_system":"epss","scoring_elements":"0.97395","published_at":"2026-04-07T12:55:00Z"},{"value":"0.41505","scoring_system":"epss","scoring_elements":"0.97402","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1546"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1546","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1546"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180601-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20180601-0001/"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1733727","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1733727"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.4","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/CHANGES_2.4"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"},{"reference_url":"http://www.securityfocus.com/bid/92331","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92331"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1336350","reference_id":"1336350","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1336350"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.18:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-1546.json","reference_id":"CVE-2016-1546","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-1546.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1546","reference_id":"CVE-2016-1546","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1546"},{"reference_url":"https://security.gentoo.org/glsa/201610-02","reference_id":"GLSA-201610-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1161","reference_id":"RHSA-2017:1161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1161"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585697?format=json","purl":"pkg:deb/debian/apache2@2.4.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.20-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2016-1546"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kv7f-t14h-2bfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3685?format=json","vulnerability_id":"VCID-m8uk-byje-dqey","summary":"A memory leak in the worker MPM would allow remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. This issue was downgraded in severity to low (from moderate) as sucessful exploitation of the race condition would be difficult.","references":[{"reference_url":"http://mail-archives.apache.org/mod_mbox/httpd-cvs/200509.mbox/%3C20051001110218.40692.qmail%40minotaur.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"http://mail-archives.apache.org/mod_mbox/httpd-cvs/200509.mbox/%3C20051001110218.40692.qmail%40minotaur.apache.org%3E"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2006-0159.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2006-0159.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2970.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2970.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2970","reference_id":"","reference_type":"","scores":[{"value":"0.20799","scoring_system":"epss","scoring_elements":"0.95604","published_at":"2026-04-13T12:55:00Z"},{"value":"0.20799","scoring_system":"epss","scoring_elements":"0.95601","published_at":"2026-04-11T12:55:00Z"},{"value":"0.20799","scoring_system":"epss","scoring_elements":"0.95602","published_at":"2026-04-12T12:55:00Z"},{"value":"0.20799","scoring_system":"epss","scoring_elements":"0.95571","published_at":"2026-04-01T12:55:00Z"},{"value":"0.20799","scoring_system":"epss","scoring_elements":"0.9558","published_at":"2026-04-02T12:55:00Z"},{"value":"0.20799","scoring_system":"epss","scoring_elements":"0.95585","published_at":"2026-04-04T12:55:00Z"},{"value":"0.20799","scoring_system":"epss","scoring_elements":"0.95587","published_at":"2026-04-07T12:55:00Z"},{"value":"0.20799","scoring_system":"epss","scoring_elements":"0.95593","published_at":"2026-04-08T12:55:00Z"},{"value":"0.20799","scoring_system":"epss","scoring_elements":"0.95596","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2970"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2970","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2970"},{"reference_url":"http://secunia.com/advisories/16559","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16559"},{"reference_url":"http://secunia.com/advisories/17923","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17923"},{"reference_url":"http://secunia.com/advisories/18161","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18161"},{"reference_url":"http://secunia.com/advisories/18333","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18333"},{"reference_url":"http://secunia.com/advisories/18585","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18585"},{"reference_url":"http://securitytracker.com/id?1015093","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1015093"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10043","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10043"},{"reference_url":"http://svn.apache.org/viewcvs?rev=292949&view=rev","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewcvs?rev=292949&view=rev"},{"reference_url":"https://www.ubuntu.com/usn/usn-225-1/","reference_id":"","reference_type":"","scores":[],"url":"https://www.ubuntu.com/usn/usn-225-1/"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:233","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:233"},{"reference_url":"http://www.novell.com/linux/security/advisories/2005_28_sr.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2005_28_sr.html"},{"reference_url":"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html"},{"reference_url":"http://www.securityfocus.com/archive/1/425399/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/425399/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/15762","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/15762"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617769","reference_id":"1617769","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617769"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=340337","reference_id":"340337","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=340337"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora_core:4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora_core:4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora_core:4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-2970.json","reference_id":"CVE-2005-2970","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-2970.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2970","reference_id":"CVE-2005-2970","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2970"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0159","reference_id":"RHSA-2006:0159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0159"},{"reference_url":"https://usn.ubuntu.com/225-1/","reference_id":"USN-225-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/225-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585889?format=json","purl":"pkg:deb/debian/apache2@2.0.55-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.55-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2005-2970"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m8uk-byje-dqey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3748?format=json","vulnerability_id":"VCID-m9fd-9pya-xucw","summary":"A flaw was found in mod_proxy in httpd versions 2.4.6 to 2.4.9. A remote attacker could send a carefully crafted request to a server configured as a reverse proxy, and cause the child process to crash. This could lead to a denial of service against a threaded MPM.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0305.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0305.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0117.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0117.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0117","reference_id":"","reference_type":"","scores":[{"value":"0.56996","scoring_system":"epss","scoring_elements":"0.98139","published_at":"2026-04-13T12:55:00Z"},{"value":"0.56996","scoring_system":"epss","scoring_elements":"0.98123","published_at":"2026-04-01T12:55:00Z"},{"value":"0.56996","scoring_system":"epss","scoring_elements":"0.98135","published_at":"2026-04-09T12:55:00Z"},{"value":"0.56996","scoring_system":"epss","scoring_elements":"0.98138","published_at":"2026-04-11T12:55:00Z"},{"value":"0.56996","scoring_system":"epss","scoring_elements":"0.98125","published_at":"2026-04-02T12:55:00Z"},{"value":"0.56996","scoring_system":"epss","scoring_elements":"0.98129","published_at":"2026-04-04T12:55:00Z"},{"value":"0.56996","scoring_system":"epss","scoring_elements":"0.9813","published_at":"2026-04-07T12:55:00Z"},{"value":"0.56996","scoring_system":"epss","scoring_elements":"0.98134","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0117"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117"},{"reference_url":"http://seclists.org/fulldisclosure/2014/Jul/117","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2014/Jul/117"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://support.apple.com/HT204659","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT204659"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=1599486&r2=1610674&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_http.c?r1=1599486&r2=1610674&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c?r1=1609680&r2=1610674&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c?r1=1609680&r2=1610674&diff_format=h"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"},{"reference_url":"http://zerodayinitiative.com/advisories/ZDI-14-239/","reference_id":"","reference_type":"","scores":[],"url":"http://zerodayinitiative.com/advisories/ZDI-14-239/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120599","reference_id":"1120599","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120599"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-0117.json","reference_id":"CVE-2014-0117","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-0117.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0117","reference_id":"CVE-2014-0117","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0921","reference_id":"RHSA-2014:0921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0922","reference_id":"RHSA-2014:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0922"},{"reference_url":"https://usn.ubuntu.com/2299-1/","reference_id":"USN-2299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2299-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582592?format=json","purl":"pkg:deb/debian/apache2@2.4.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2014-0117"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m9fd-9pya-xucw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3689?format=json","vulnerability_id":"VCID-me4r-1qb6-dqdf","summary":"A flaw in the handling of invalid Expect headers. If an attacker can influence the Expect header that a victim sends to a target site they could perform a cross-site scripting attack. It is known that some versions of Flash can set an arbitrary Expect header which can trigger this flaw. Not marked as a security issue for 2.0 or 2.2 as the cross-site scripting is only returned to the victim after the server times out a connection.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3918.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3918.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3918","reference_id":"","reference_type":"","scores":[{"value":"0.91373","scoring_system":"epss","scoring_elements":"0.99655","published_at":"2026-04-04T12:55:00Z"},{"value":"0.91373","scoring_system":"epss","scoring_elements":"0.99654","published_at":"2026-04-01T12:55:00Z"},{"value":"0.91373","scoring_system":"epss","scoring_elements":"0.99653","published_at":"2026-04-02T12:55:00Z"},{"value":"0.91373","scoring_system":"epss","scoring_elements":"0.99659","published_at":"2026-04-13T12:55:00Z"},{"value":"0.91373","scoring_system":"epss","scoring_elements":"0.99656","published_at":"2026-04-07T12:55:00Z"},{"value":"0.91373","scoring_system":"epss","scoring_elements":"0.99658","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=200732","reference_id":"200732","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=200732"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=381376","reference_id":"381376","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=381376"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2006-3918.json","reference_id":"CVE-2006-3918","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2006-3918.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/28424.txt","reference_id":"CVE-2006-3918;OSVDB-27488","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/28424.txt"},{"reference_url":"https://www.securityfocus.com/bid/19661/info","reference_id":"CVE-2006-3918;OSVDB-27488","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/19661/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0618","reference_id":"RHSA-2006:0618","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0619","reference_id":"RHSA-2006:0619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0692","reference_id":"RHSA-2006:0692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584260?format=json","purl":"pkg:deb/debian/apache2@2.0.55-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.55-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2006-3918"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-me4r-1qb6-dqdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3820?format=json","vulnerability_id":"VCID-mtg7-8556-kbgd","summary":"A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user.\n\nThis issue affects Apache HTTP Server 2.4.48 and earlier.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40438.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40438.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40438","reference_id":"","reference_type":"","scores":[{"value":"0.94432","scoring_system":"epss","scoring_elements":"0.99985","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2005117","reference_id":"2005117","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2005117"},{"reference_url":"https://security.archlinux.org/AVG-2289","reference_id":"AVG-2289","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2289"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ","reference_id":"cisco-sa-apache-httpd-2.4.49-VWL69sWQ","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-40438.json","reference_id":"CVE-2021-40438","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-40438.json"},{"reference_url":"https://www.debian.org/security/2021/dsa-4982","reference_id":"dsa-4982","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://www.debian.org/security/2021/dsa-4982"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211008-0004/","reference_id":"ntap-20211008-0004","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20211008-0004/"},{"reference_url":"https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E","reference_id":"r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E","reference_id":"r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E","reference_id":"r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E","reference_id":"r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E","reference_id":"r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E","reference_id":"r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E","reference_id":"rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3745","reference_id":"RHSA-2021:3745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3746","reference_id":"RHSA-2021:3746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3754","reference_id":"RHSA-2021:3754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3816","reference_id":"RHSA-2021:3816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3836","reference_id":"RHSA-2021:3836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3837","reference_id":"RHSA-2021:3837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3856","reference_id":"RHSA-2021:3856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3856"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/","reference_id":"SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf","reference_id":"ssa-685781.pdf","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf"},{"reference_url":"https://www.tenable.com/security/tns-2021-17","reference_id":"tns-2021-17","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://www.tenable.com/security/tns-2021-17"},{"reference_url":"https://usn.ubuntu.com/5090-1/","reference_id":"USN-5090-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5090-1/"},{"reference_url":"https://usn.ubuntu.com/5090-2/","reference_id":"USN-5090-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5090-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/","reference_id":"ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:08:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584440?format=json","purl":"pkg:deb/debian/apache2@2.4.49-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.49-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584441?format=json","purl":"pkg:deb/debian/apache2@2.4.51-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.51-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-40438"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mtg7-8556-kbgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92135?format=json","vulnerability_id":"VCID-n76a-bbkc-tyhh","summary":"The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618857","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618857"},{"reference_url":"http://lists.err.no/pipermail/mpm-itk/2011-March/000393.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.err.no/pipermail/mpm-itk/2011-March/000393.html"},{"reference_url":"http://lists.err.no/pipermail/mpm-itk/2011-March/000394.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.err.no/pipermail/mpm-itk/2011-March/000394.html"},{"reference_url":"http://openwall.com/lists/oss-security/2011/03/20/1","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/03/20/1"},{"reference_url":"http://openwall.com/lists/oss-security/2011/03/21/13","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/03/21/13"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1176","reference_id":"","reference_type":"","scores":[{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76476","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76417","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76421","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76449","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76431","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76463","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76477","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76502","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0096","scoring_system":"epss","scoring_elements":"0.76481","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1176"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1176","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1176"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66248","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/66248"},{"reference_url":"http://www.debian.org/security/2011/dsa-2202","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2011/dsa-2202"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:057","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:057"},{"reference_url":"http://www.securityfocus.com/bid/46953","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/46953"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0748","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0748"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0749","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0749"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0824","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0824"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618857","reference_id":"618857","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618857"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mpm-itk_project:mpm-itk:2.2.11-01:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mpm-itk_project:mpm-itk:2.2.11-01:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mpm-itk_project:mpm-itk:2.2.11-01:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mpm-itk_project:mpm-itk:2.2.11-02:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mpm-itk_project:mpm-itk:2.2.11-02:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mpm-itk_project:mpm-itk:2.2.11-02:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1176","reference_id":"CVE-2011-1176","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1176"},{"reference_url":"https://usn.ubuntu.com/1259-1/","reference_id":"USN-1259-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1259-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586448?format=json","purl":"pkg:deb/debian/apache2@2.2.17-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.17-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2011-1176"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n76a-bbkc-tyhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3739?format=json","vulnerability_id":"VCID-n9e1-c2zs-zkdk","summary":"A flaw was found when mod_proxy_ajp connects to a backend server that takes too long to respond. Given a specific configuration, a remote attacker could send certain requests, putting a backend server into an error state until the retry timeout expired. This could lead to a temporary denial of service.","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html#2.2.22","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html#2.2.22"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4557.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4557.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4557","reference_id":"","reference_type":"","scores":[{"value":"0.25967","scoring_system":"epss","scoring_elements":"0.96274","published_at":"2026-04-13T12:55:00Z"},{"value":"0.25967","scoring_system":"epss","scoring_elements":"0.96235","published_at":"2026-04-01T12:55:00Z"},{"value":"0.25967","scoring_system":"epss","scoring_elements":"0.96266","published_at":"2026-04-09T12:55:00Z"},{"value":"0.25967","scoring_system":"epss","scoring_elements":"0.9627","published_at":"2026-04-12T12:55:00Z"},{"value":"0.25967","scoring_system":"epss","scoring_elements":"0.96242","published_at":"2026-04-02T12:55:00Z"},{"value":"0.25967","scoring_system":"epss","scoring_elements":"0.9625","published_at":"2026-04-04T12:55:00Z"},{"value":"0.25967","scoring_system":"epss","scoring_elements":"0.96254","published_at":"2026-04-07T12:55:00Z"},{"value":"0.25967","scoring_system":"epss","scoring_elements":"0.96263","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4557"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4557"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18938","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18938"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19284","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19284"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1227298","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1227298"},{"reference_url":"http://www.debian.org/security/2012/dsa-2579","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2012/dsa-2579"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=871685","reference_id":"871685","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=871685"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-4557.json","reference_id":"CVE-2012-4557","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-4557.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4557","reference_id":"CVE-2012-4557","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0512","reference_id":"RHSA-2013:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0512"},{"reference_url":"https://usn.ubuntu.com/1765-1/","reference_id":"USN-1765-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1765-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584769?format=json","purl":"pkg:deb/debian/apache2@2.2.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2012-4557"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n9e1-c2zs-zkdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3832?format=json","vulnerability_id":"VCID-na94-5565-dyfc","summary":"The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function.\n\nModules compiled and distributed separately from Apache HTTP Server that use the \"ap_rputs\" function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28614.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28614.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28614","reference_id":"","reference_type":"","scores":[{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.69266","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.69289","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.69311","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.69295","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.6922","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.6924","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.69221","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00593","scoring_system":"epss","scoring_elements":"0.69271","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513","reference_id":"1012513","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095002","reference_id":"2095002","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095002"},{"reference_url":"https://security.archlinux.org/AVG-2763","reference_id":"AVG-2763","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2763"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-28614.json","reference_id":"CVE-2022-28614","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2022-28614.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7647","reference_id":"RHSA-2022:7647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8067","reference_id":"RHSA-2022:8067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://usn.ubuntu.com/5487-1/","reference_id":"USN-5487-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-1/"},{"reference_url":"https://usn.ubuntu.com/5487-3/","reference_id":"USN-5487-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583306?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583307?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-28614"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-na94-5565-dyfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3755?format=json","vulnerability_id":"VCID-nb91-camp-eufc","summary":"Fix handling of the Require line in mod_lau when a LuaAuthzProvider is used in multiple Require directives with different arguments. This could lead to different authentication rules than expected.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2015-0011.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2015-0011.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159352.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159352.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8109.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8109.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8109","reference_id":"","reference_type":"","scores":[{"value":"0.11719","scoring_system":"epss","scoring_elements":"0.93691","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11719","scoring_system":"epss","scoring_elements":"0.93653","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11719","scoring_system":"epss","scoring_elements":"0.93689","published_at":"2026-04-11T12:55:00Z"},{"value":"0.11719","scoring_system":"epss","scoring_elements":"0.9369","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11719","scoring_system":"epss","scoring_elements":"0.93663","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11719","scoring_system":"epss","scoring_elements":"0.93673","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11719","scoring_system":"epss","scoring_elements":"0.93674","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11719","scoring_system":"epss","scoring_elements":"0.93683","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11719","scoring_system":"epss","scoring_elements":"0.93686","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8109"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8109"},{"reference_url":"https://github.com/apache/httpd/commit/3f1693d558d0758f829c8b53993f1749ddf6ffcb","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apache/httpd/commit/3f1693d558d0758f829c8b53993f1749ddf6ffcb"},{"reference_url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=57204","reference_id":"","reference_type":"","scores":[],"url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=57204"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://support.apple.com/HT205219","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT205219"},{"reference_url":"https://support.apple.com/kb/HT205031","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT205031"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/11/28/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/11/28/5"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"},{"reference_url":"http://www.securityfocus.com/bid/73040","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/73040"},{"reference_url":"http://www.ubuntu.com/usn/USN-2523-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2523-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174077","reference_id":"1174077","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174077"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-8109.json","reference_id":"CVE-2014-8109","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-8109.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8109","reference_id":"CVE-2014-8109","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8109"},{"reference_url":"https://usn.ubuntu.com/2523-1/","reference_id":"USN-2523-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2523-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585410?format=json","purl":"pkg:deb/debian/apache2@2.4.10-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2014-8109"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nb91-camp-eufc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3849?format=json","vulnerability_id":"VCID-nbar-1p1f-bqfk","summary":"SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content \nUsers are recommended to upgrade to version 2.4.60 which fixes this issue.  Note: Existing configurations that access UNC paths will have to configure new directive \"UNCList\" to allow access during request processing.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38472.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38472.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38472","reference_id":"","reference_type":"","scores":[{"value":"0.90493","scoring_system":"epss","scoring_elements":"0.9961","published_at":"2026-04-13T12:55:00Z"},{"value":"0.90493","scoring_system":"epss","scoring_elements":"0.99608","published_at":"2026-04-07T12:55:00Z"},{"value":"0.90493","scoring_system":"epss","scoring_elements":"0.99609","published_at":"2026-04-11T12:55:00Z"},{"value":"0.90493","scoring_system":"epss","scoring_elements":"0.99606","published_at":"2026-04-02T12:55:00Z"},{"value":"0.90493","scoring_system":"epss","scoring_elements":"0.99607","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38472"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295011","reference_id":"2295011","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295011"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-38472.json","reference_id":"CVE-2024-38472","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-38472.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6928","reference_id":"RHSA-2024:6928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6928"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-38472"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nbar-1p1f-bqfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3644?format=json","vulnerability_id":"VCID-nkgw-gs9g-ckft","summary":"Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is \"Off\" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0840.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0840.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0840","reference_id":"","reference_type":"","scores":[{"value":"0.91102","scoring_system":"epss","scoring_elements":"0.99642","published_at":"2026-04-04T12:55:00Z"},{"value":"0.91102","scoring_system":"epss","scoring_elements":"0.99641","published_at":"2026-04-02T12:55:00Z"},{"value":"0.91102","scoring_system":"epss","scoring_elements":"0.99644","published_at":"2026-04-11T12:55:00Z"},{"value":"0.91102","scoring_system":"epss","scoring_elements":"0.99645","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0840"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616823","reference_id":"1616823","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616823"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2002-0840.json","reference_id":"CVE-2002-0840","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2002-0840.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/21885.txt","reference_id":"CVE-2002-0840;OSVDB-862","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/21885.txt"},{"reference_url":"https://www.securityfocus.com/bid/5847/info","reference_id":"CVE-2002-0840;OSVDB-862","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/5847/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:222","reference_id":"RHSA-2002:222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:243","reference_id":"RHSA-2002:243","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:243"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:244","reference_id":"RHSA-2002:244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:248","reference_id":"RHSA-2002:248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:251","reference_id":"RHSA-2002:251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:251"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:106","reference_id":"RHSA-2003:106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:106"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585659?format=json","purl":"pkg:deb/debian/apache2@2.0.43-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.43-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2002-0840"],"risk_score":4.2,"exploitability":"2.0","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nkgw-gs9g-ckft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3837?format=json","vulnerability_id":"VCID-p2a1-afnh-7qca","summary":"Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism.\nThis may be used to bypass IP based authentication on the origin server/application.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31813.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31813.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31813","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11522","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11369","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11453","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11511","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13255","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13379","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13443","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13305","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513","reference_id":"1012513","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095020","reference_id":"2095020","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2095020"},{"reference_url":"https://security.archlinux.org/AVG-2763","reference_id":"AVG-2763","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2763"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-31813.json","reference_id":"CVE-2022-31813","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2022-31813.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7647","reference_id":"RHSA-2022:7647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8067","reference_id":"RHSA-2022:8067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://usn.ubuntu.com/5487-1/","reference_id":"USN-5487-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-1/"},{"reference_url":"https://usn.ubuntu.com/5487-3/","reference_id":"USN-5487-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583306?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583307?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-31813"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p2a1-afnh-7qca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3767?format=json","vulnerability_id":"VCID-pc2n-ga7g-byga","summary":"Apache HTTP Server, prior to release 2.4.25 (and 2.2.32), accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated as whitespace and remained in the request field member \"the_request\", while a bare CR in the request header field name would be honored as whitespace, and a bare CR in the request header field value was retained the input headers array. Implied additional whitespace was accepted in the request line and prior to the ':' delimiter of any request header lines.\nRFC7230 Section 3.5 calls out some of these whitespace exceptions, and section 3.2.3 eliminated and clarified the role of implied whitespace in the grammer of this specification. Section 3.1.1 requires exactly one single SP between the method and request-target, and between the request-target and HTTP-version, followed immediately by a CRLF sequence. None of these fields permit any (unencoded) CTL character whatsoever. Section 3.2.4 explicitly disallowed any whitespace from the request header field prior to the ':' character, while Section 3.2 disallows all CTL characters in the request header line other than the HTAB character as whitespace.\nThese defects represent a security concern when httpd is participating in any chain of proxies or interacting with back-end application servers, either through mod_proxy or using conventional CGI mechanisms. In each case where one agent accepts such CTL characters and does not treat them as whitespace, there is the possiblity in a proxy chain of generating two responses from a server behind the uncautious proxy agent. In a sequence of two requests, this results in request A to the first proxy being interpreted as requests A + A' by the backend server, and if requests A and B were submitted to the first proxy in a keepalive connection, the proxy may interpret response A' as the response to request B, polluting the cache or potentially serving the A' content to a different downstream user-agent.\nThese defects are addressed with the release of Apache HTTP Server 2.4.25 and coordinated by a new directive; HttpProtocolOptions Strict which is the default behavior of 2.4.25 and later.\nBy toggling from 'Strict' behavior to 'Unsafe' behavior, some of the restrictions may be relaxed to allow some invalid HTTP/1.1 clients to communicate with the server, but this will reintroduce the possibility of the problems described in this assessment. Note that relaxing the behavior to 'Unsafe' will still not permit raw CTLs other than HTAB (where permitted), but will allow other RFC requirements to not be enforced, such as exactly two SP characters in the request line.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8743","reference_id":"","reference_type":"","scores":[{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92291","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.9233","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92322","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92328","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92298","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92304","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92307","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08406","scoring_system":"epss","scoring_elements":"0.92318","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406822","reference_id":"1406822","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406822"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-8743.json","reference_id":"CVE-2016-8743","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-8743.json"},{"reference_url":"https://security.gentoo.org/glsa/201701-36","reference_id":"GLSA-201701-36","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0906","reference_id":"RHSA-2017:0906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1161","reference_id":"RHSA-2017:1161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1413","reference_id":"RHSA-2017:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1414","reference_id":"RHSA-2017:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1415","reference_id":"RHSA-2017:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1721","reference_id":"RHSA-2017:1721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1721"},{"reference_url":"https://usn.ubuntu.com/3279-1/","reference_id":"USN-3279-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3279-1/"},{"reference_url":"https://usn.ubuntu.com/3373-1/","reference_id":"USN-3373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582509?format=json","purl":"pkg:deb/debian/apache2@2.4.25-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2016-8743"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pc2n-ga7g-byga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3709?format=json","vulnerability_id":"VCID-pdj3-4txb-vych","summary":"A denial of service flaw was found in the mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1891.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1891","reference_id":"","reference_type":"","scores":[{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95301","published_at":"2026-04-13T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.9526","published_at":"2026-04-01T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95272","published_at":"2026-04-02T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95278","published_at":"2026-04-04T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95283","published_at":"2026-04-07T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95291","published_at":"2026-04-08T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95293","published_at":"2026-04-09T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95298","published_at":"2026-04-11T12:55:00Z"},{"value":"0.18846","scoring_system":"epss","scoring_elements":"0.95299","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=509125","reference_id":"509125","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=509125"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712","reference_id":"534712","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534712"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-1891.json","reference_id":"CVE-2009-1891","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-1891.json"},{"reference_url":"https://security.gentoo.org/glsa/200907-04","reference_id":"GLSA-200907-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200907-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1148","reference_id":"RHSA-2009:1148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1155","reference_id":"RHSA-2009:1155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1160","reference_id":"RHSA-2009:1160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1205","reference_id":"RHSA-2009:1205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1205"},{"reference_url":"https://usn.ubuntu.com/802-1/","reference_id":"USN-802-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/802-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585122?format=json","purl":"pkg:deb/debian/apache2@2.2.11-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.11-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2009-1891"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pdj3-4txb-vych"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3719?format=json","vulnerability_id":"VCID-pdtf-5zv7-2qaf","summary":"mod_proxy_ajp would return the wrong status code if it encountered an error, causing a backend server to be put into an error state until the retry timeout expired. A remote attacker could send malicious requests to trigger this issue, resulting in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0408.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0408.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0408","reference_id":"","reference_type":"","scores":[{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96722","published_at":"2026-04-13T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96691","published_at":"2026-04-01T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96701","published_at":"2026-04-02T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96703","published_at":"2026-04-04T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96707","published_at":"2026-04-07T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96715","published_at":"2026-04-08T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96717","published_at":"2026-04-09T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.96719","published_at":"2026-04-11T12:55:00Z"},{"value":"0.30734","scoring_system":"epss","scoring_elements":"0.9672","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=569905","reference_id":"569905","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=569905"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-0408.json","reference_id":"CVE-2010-0408","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-0408.json"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0168","reference_id":"RHSA-2010:0168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0396","reference_id":"RHSA-2010:0396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0396"},{"reference_url":"https://usn.ubuntu.com/908-1/","reference_id":"USN-908-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/908-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585966?format=json","purl":"pkg:deb/debian/apache2@2.2.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2010-0408"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pdtf-5zv7-2qaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3854?format=json","vulnerability_id":"VCID-pjxs-hnjr-duey","summary":"null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request.\nUsers are recommended to upgrade to version 2.4.60, which fixes this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38477.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38477.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38477","reference_id":"","reference_type":"","scores":[{"value":"0.01148","scoring_system":"epss","scoring_elements":"0.78479","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01148","scoring_system":"epss","scoring_elements":"0.78472","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01148","scoring_system":"epss","scoring_elements":"0.78498","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01347","scoring_system":"epss","scoring_elements":"0.80057","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01347","scoring_system":"epss","scoring_elements":"0.80036","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01347","scoring_system":"epss","scoring_elements":"0.80046","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01347","scoring_system":"epss","scoring_elements":"0.80075","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-38477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295016","reference_id":"2295016","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295016"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-38477.json","reference_id":"CVE-2024-38477","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-38477.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240712-0001/","reference_id":"ntap-20240712-0001","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-22T16:23:13Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240712-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4719","reference_id":"RHSA-2024:4719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4720","reference_id":"RHSA-2024:4720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4726","reference_id":"RHSA-2024:4726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4820","reference_id":"RHSA-2024:4820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4827","reference_id":"RHSA-2024:4827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4830","reference_id":"RHSA-2024:4830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4862","reference_id":"RHSA-2024:4862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4863","reference_id":"RHSA-2024:4863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4938","reference_id":"RHSA-2024:4938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4943","reference_id":"RHSA-2024:4943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5239","reference_id":"RHSA-2024:5239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5240","reference_id":"RHSA-2024:5240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5240"},{"reference_url":"https://usn.ubuntu.com/6885-1/","reference_id":"USN-6885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-1/"},{"reference_url":"https://usn.ubuntu.com/6885-3/","reference_id":"USN-6885-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585130?format=json","purl":"pkg:deb/debian/apache2@2.4.60-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.60-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585131?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585132?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-38477"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pjxs-hnjr-duey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3826?format=json","vulnerability_id":"VCID-pnc8-bb23-vqh1","summary":"A carefully crafted request body can cause a read to a random memory area which could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.52 and earlier.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22719.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22719.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22719","reference_id":"","reference_type":"","scores":[{"value":"0.29312","scoring_system":"epss","scoring_elements":"0.96593","published_at":"2026-04-11T12:55:00Z"},{"value":"0.29312","scoring_system":"epss","scoring_elements":"0.96591","published_at":"2026-04-09T12:55:00Z"},{"value":"0.29312","scoring_system":"epss","scoring_elements":"0.96578","published_at":"2026-04-04T12:55:00Z"},{"value":"0.29312","scoring_system":"epss","scoring_elements":"0.96581","published_at":"2026-04-07T12:55:00Z"},{"value":"0.29312","scoring_system":"epss","scoring_elements":"0.96589","published_at":"2026-04-08T12:55:00Z"},{"value":"0.29312","scoring_system":"epss","scoring_elements":"0.96573","published_at":"2026-04-02T12:55:00Z"},{"value":"0.29423","scoring_system":"epss","scoring_elements":"0.96602","published_at":"2026-04-13T12:55:00Z"},{"value":"0.29423","scoring_system":"epss","scoring_elements":"0.96599","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22719"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22719","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22719"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064322","reference_id":"2064322","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064322"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-22719.json","reference_id":"CVE-2022-22719","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2022-22719.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7647","reference_id":"RHSA-2022:7647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8067","reference_id":"RHSA-2022:8067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8067"},{"reference_url":"https://usn.ubuntu.com/5333-1/","reference_id":"USN-5333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5333-1/"},{"reference_url":"https://usn.ubuntu.com/5333-2/","reference_id":"USN-5333-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5333-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583022?format=json","purl":"pkg:deb/debian/apache2@2.4.53-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.53-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583023?format=json","purl":"pkg:deb/debian/apache2@2.4.53-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.53-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-22719"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pnc8-bb23-vqh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3729?format=json","vulnerability_id":"VCID-prd8-51a5-pygj","summary":"An exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker. No update of 1.3 will be released.\nPatches will be published to https://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3368","reference_id":"","reference_type":"","scores":[{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99065","published_at":"2026-04-13T12:55:00Z"},{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99054","published_at":"2026-04-01T12:55:00Z"},{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99055","published_at":"2026-04-02T12:55:00Z"},{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99059","published_at":"2026-04-04T12:55:00Z"},{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99062","published_at":"2026-04-07T12:55:00Z"},{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99063","published_at":"2026-04-08T12:55:00Z"},{"value":"0.79136","scoring_system":"epss","scoring_elements":"0.99064","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3368"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=740045","reference_id":"740045","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=740045"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3368.json","reference_id":"CVE-2011-3368","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3368.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py","reference_id":"CVE-2011-3368;OSVDB-76079","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1391","reference_id":"RHSA-2011:1391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1392","reference_id":"RHSA-2011:1392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1259-1/","reference_id":"USN-1259-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1259-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582849?format=json","purl":"pkg:deb/debian/apache2@2.2.21-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.21-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2011-3368"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-prd8-51a5-pygj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3870?format=json","vulnerability_id":"VCID-pru9-2rza-qycd","summary":"Server-Side Request Forgery (SSRF) vulnerability \n\n in Apache HTTP Server on Windows \n\nwith AllowEncodedSlashes On and MergeSlashes Off  allows to potentially leak NTLM \nhashes to a malicious server via SSRF and malicious requests or content\n\nUsers are recommended to upgrade to version 2.4.66, which fixes the issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59775.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59775.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59775","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17765","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17718","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21743","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2184","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21801","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21695","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21773","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2183","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-59775"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419141","reference_id":"2419141","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419141"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2025-59775.json","reference_id":"CVE-2025-59775","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2025-59775.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2025-59775"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pru9-2rza-qycd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3683?format=json","vulnerability_id":"VCID-pufp-t6dh-xqhv","summary":"A flaw in the mod_ssl handling of the \"SSLVerifyClient\" directive. This flaw would occur if a virtual host has been configured using \"SSLVerifyClient optional\" and further a directive \"SSLVerifyClient required\" is set for a specific location. For servers configured in this fashion, an attacker may be able to access resources that should otherwise be protected, by not supplying a client certificate when connecting.","references":[{"reference_url":"http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html"},{"reference_url":"http://marc.info/?l=apache-modssl&m=112569517603897&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=apache-modssl&m=112569517603897&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=112604765028607&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=112604765028607&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=112870296926652&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=112870296926652&w=2"},{"reference_url":"http://people.apache.org/~jorton/CAN-2005-2700.diff","reference_id":"","reference_type":"","scores":[],"url":"http://people.apache.org/~jorton/CAN-2005-2700.diff"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2700.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2700.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2700","reference_id":"","reference_type":"","scores":[{"value":"0.15081","scoring_system":"epss","scoring_elements":"0.94582","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15081","scoring_system":"epss","scoring_elements":"0.94578","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15081","scoring_system":"epss","scoring_elements":"0.94581","published_at":"2026-04-12T12:55:00Z"},{"value":"0.15081","scoring_system":"epss","scoring_elements":"0.94544","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15081","scoring_system":"epss","scoring_elements":"0.94551","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15081","scoring_system":"epss","scoring_elements":"0.94559","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15081","scoring_system":"epss","scoring_elements":"0.94561","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15081","scoring_system":"epss","scoring_elements":"0.94571","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15081","scoring_system":"epss","scoring_elements":"0.94575","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2700"},{"reference_url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2700","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2700"},{"reference_url":"http://secunia.com/advisories/16700","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16700"},{"reference_url":"http://secunia.com/advisories/16705","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16705"},{"reference_url":"http://secunia.com/advisories/16714","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16714"},{"reference_url":"http://secunia.com/advisories/16743","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16743"},{"reference_url":"http://secunia.com/advisories/16746","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16746"},{"reference_url":"http://secunia.com/advisories/16748","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16748"},{"reference_url":"http://secunia.com/advisories/16753","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16753"},{"reference_url":"http://secunia.com/advisories/16754","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16754"},{"reference_url":"http://secunia.com/advisories/16769","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16769"},{"reference_url":"http://secunia.com/advisories/16771","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16771"},{"reference_url":"http://secunia.com/advisories/16789","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16789"},{"reference_url":"http://secunia.com/advisories/16864","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16864"},{"reference_url":"http://secunia.com/advisories/16956","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16956"},{"reference_url":"http://secunia.com/advisories/17088","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17088"},{"reference_url":"http://secunia.com/advisories/17288","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17288"},{"reference_url":"http://secunia.com/advisories/17311","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17311"},{"reference_url":"http://secunia.com/advisories/17813","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17813"},{"reference_url":"http://secunia.com/advisories/19072","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19072"},{"reference_url":"http://secunia.com/advisories/19073","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19073"},{"reference_url":"http://secunia.com/advisories/21848","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/21848"},{"reference_url":"http://secunia.com/advisories/22523","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/22523"},{"reference_url":"https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10416","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10416"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"},{"reference_url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117","reference_id":"","reference_type":"","scores":[],"url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117"},{"reference_url":"http://www.debian.org/security/2005/dsa-805","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-805"},{"reference_url":"http://www.debian.org/security/2005/dsa-807","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-807"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml"},{"reference_url":"http://www.kb.cert.org/vuls/id/744929","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/744929"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:161","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:161"},{"reference_url":"http://www.novell.com/linux/security/advisories/2005_51_apache2.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2005_51_apache2.html"},{"reference_url":"http://www.novell.com/linux/security/advisories/2005_52_apache2.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2005_52_apache2.html"},{"reference_url":"http://www.osvdb.org/19188","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/19188"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2005-608.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2005-608.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2005-773.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2005-773.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2005-816.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2005-816.html"},{"reference_url":"http://www.securityfocus.com/bid/14721","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/14721"},{"reference_url":"http://www.ubuntu.com/usn/usn-177-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-177-1"},{"reference_url":"http://www.vupen.com/english/advisories/2005/1625","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2005/1625"},{"reference_url":"http://www.vupen.com/english/advisories/2005/2659","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2005/2659"},{"reference_url":"http://www.vupen.com/english/advisories/2006/0789","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/0789"},{"reference_url":"http://www.vupen.com/english/advisories/2006/4207","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/4207"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617741","reference_id":"1617741","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617741"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327210","reference_id":"327210","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=327210"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-2700.json","reference_id":"CVE-2005-2700","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-2700.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2700","reference_id":"CVE-2005-2700","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:608","reference_id":"RHSA-2005:608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:773","reference_id":"RHSA-2005:773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:816","reference_id":"RHSA-2005:816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:882","reference_id":"RHSA-2005:882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:882"},{"reference_url":"https://usn.ubuntu.com/177-1/","reference_id":"USN-177-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/177-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584122?format=json","purl":"pkg:deb/debian/apache2@2.0.54-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.54-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2005-2700"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pufp-t6dh-xqhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3856?format=json","vulnerability_id":"VCID-pz6f-mahv-hue8","summary":"A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers.   \"AddType\" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.\n\nUsers are recommended to upgrade to version 2.4.61, which fixes this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39884.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39884.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39884","reference_id":"","reference_type":"","scores":[{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47857","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47828","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.4785","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47799","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47851","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47847","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47871","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39884"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39884","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39884"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295761","reference_id":"2295761","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295761"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/17/6","reference_id":"6","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T13:54:22Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/17/6"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-39884.json","reference_id":"CVE-2024-39884","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-39884.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240712-0002/","reference_id":"ntap-20240712-0002","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T13:54:22Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240712-0002/"},{"reference_url":"https://usn.ubuntu.com/6885-1/","reference_id":"USN-6885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583583?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-39884"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pz6f-mahv-hue8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90445?format=json","vulnerability_id":"VCID-q2hz-2qtr-dbht","summary":"Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\"","references":[{"reference_url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511","reference_id":"","reference_type":"","scores":[],"url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511"},{"reference_url":"http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2"},{"reference_url":"http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2"},{"reference_url":"http://osvdb.org/38639","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/38639"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1741.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1741.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1741","reference_id":"","reference_type":"","scores":[{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26034","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26116","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26197","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26238","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2601","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26077","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26129","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26138","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26093","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1741"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/33584","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/33584"},{"reference_url":"http://www.securityfocus.com/bid/23438","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/23438"},{"reference_url":"http://www.securitytracker.com/id?1017904","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1017904"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1741","reference_id":"CVE-2007-1741","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1741"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583308?format=json","purl":"pkg:deb/debian/apache2@2.2.8-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-1741"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q2hz-2qtr-dbht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3777?format=json","vulnerability_id":"VCID-q5wm-suxb-jfeb","summary":"The expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the trailing portion of the filename.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15715.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15715.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15715","reference_id":"","reference_type":"","scores":[{"value":"0.94103","scoring_system":"epss","scoring_elements":"0.99909","published_at":"2026-04-13T12:55:00Z"},{"value":"0.94103","scoring_system":"epss","scoring_elements":"0.99907","published_at":"2026-04-08T12:55:00Z"},{"value":"0.94103","scoring_system":"epss","scoring_elements":"0.99908","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15715"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560614","reference_id":"1560614","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560614"},{"reference_url":"https://security.archlinux.org/ASA-201804-4","reference_id":"ASA-201804-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201804-4"},{"reference_url":"https://security.archlinux.org/AVG-664","reference_id":"AVG-664","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-664"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-15715.json","reference_id":"CVE-2017-15715","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-15715.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0366","reference_id":"RHSA-2019:0366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0367","reference_id":"RHSA-2019:0367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3958","reference_id":"RHSA-2020:3958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3958"},{"reference_url":"https://usn.ubuntu.com/3627-1/","reference_id":"USN-3627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3627-1/"},{"reference_url":"https://usn.ubuntu.com/3627-2/","reference_id":"USN-3627-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3627-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584735?format=json","purl":"pkg:deb/debian/apache2@2.4.33-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.33-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2017-15715"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q5wm-suxb-jfeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3768?format=json","vulnerability_id":"VCID-qayj-kts9-3fde","summary":"Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. Third-party module writers SHOULD use ap_get_basic_auth_components(), available in 2.2.34 and 2.4.26, instead of ap_get_basic_auth_pw(). Modules which call the legacy ap_get_basic_auth_pw() during the authentication phase MUST either immediately authenticate the user after the call, or else stop the request immediately with an error response, to avoid incorrectly authenticating the current request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3167","reference_id":"","reference_type":"","scores":[{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93162","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93191","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93183","published_at":"2026-04-08T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93187","published_at":"2026-04-09T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93192","published_at":"2026-04-11T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.9319","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93172","published_at":"2026-04-02T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93176","published_at":"2026-04-04T12:55:00Z"},{"value":"0.10349","scoring_system":"epss","scoring_elements":"0.93174","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"},{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463194","reference_id":"1463194","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463194"},{"reference_url":"https://security.archlinux.org/ASA-201706-34","reference_id":"ASA-201706-34","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-34"},{"reference_url":"https://security.archlinux.org/AVG-316","reference_id":"AVG-316","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-316"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-3167.json","reference_id":"CVE-2017-3167","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-3167.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2478","reference_id":"RHSA-2017:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3475","reference_id":"RHSA-2017:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3476","reference_id":"RHSA-2017:3476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3477","reference_id":"RHSA-2017:3477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3477"},{"reference_url":"https://usn.ubuntu.com/3340-1/","reference_id":"USN-3340-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3340-1/"},{"reference_url":"https://usn.ubuntu.com/3373-1/","reference_id":"USN-3373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584426?format=json","purl":"pkg:deb/debian/apache2@2.4.25-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2017-3167"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qayj-kts9-3fde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3784?format=json","vulnerability_id":"VCID-qc9j-x576-ayc1","summary":"By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8011.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8011.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8011","reference_id":"","reference_type":"","scores":[{"value":"0.8201","scoring_system":"epss","scoring_elements":"0.99199","published_at":"2026-04-01T12:55:00Z"},{"value":"0.8201","scoring_system":"epss","scoring_elements":"0.99201","published_at":"2026-04-02T12:55:00Z"},{"value":"0.8201","scoring_system":"epss","scoring_elements":"0.99208","published_at":"2026-04-09T12:55:00Z"},{"value":"0.8201","scoring_system":"epss","scoring_elements":"0.99207","published_at":"2026-04-13T12:55:00Z"},{"value":"0.8201","scoring_system":"epss","scoring_elements":"0.99203","published_at":"2026-04-04T12:55:00Z"},{"value":"0.8201","scoring_system":"epss","scoring_elements":"0.99209","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8011"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-8011","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-8011"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180926-0007/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20180926-0007/"},{"reference_url":"http://www.securitytracker.com/id/1041401","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1041401"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1605052","reference_id":"1605052","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1605052"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904107","reference_id":"904107","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904107"},{"reference_url":"https://security.archlinux.org/ASA-201807-12","reference_id":"ASA-201807-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201807-12"},{"reference_url":"https://security.archlinux.org/AVG-736","reference_id":"AVG-736","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-736"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2018-8011.json","reference_id":"CVE-2018-8011","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2018-8011.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-8011","reference_id":"CVE-2018-8011","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-8011"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585975?format=json","purl":"pkg:deb/debian/apache2@2.4.34-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.34-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2018-8011"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qc9j-x576-ayc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3688?format=json","vulnerability_id":"VCID-qf2e-kgxk-pkhc","summary":"An off-by-one flaw exists in the Rewrite module, mod_rewrite. Depending on the manner in which Apache httpd was compiled, this software defect may result in a vulnerability which, in combination with certain types of Rewrite rules in the web server configuration files, could be triggered remotely. For vulnerable builds, the nature of the vulnerability can be denial of service (crashing of web server processes) or potentially allow arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3747.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3747.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3747","reference_id":"","reference_type":"","scores":[{"value":"0.92606","scoring_system":"epss","scoring_elements":"0.99741","published_at":"2026-04-02T12:55:00Z"},{"value":"0.92606","scoring_system":"epss","scoring_elements":"0.99742","published_at":"2026-04-04T12:55:00Z"},{"value":"0.92606","scoring_system":"epss","scoring_elements":"0.99743","published_at":"2026-04-13T12:55:00Z"},{"value":"0.92606","scoring_system":"epss","scoring_elements":"0.99744","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380182","reference_id":"380182","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=380182"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2006-3747.json","reference_id":"CVE-2006-3747","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2006-3747.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16752.rb","reference_id":"CVE-2006-3747;OSVDB-27588","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16752.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/3996.c","reference_id":"CVE-2006-3747;OSVDB-27588","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/3996.c"},{"reference_url":"https://security.gentoo.org/glsa/200608-01","reference_id":"GLSA-200608-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200608-01"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/2237.sh","reference_id":"OSVDB-27588;CVE-2006-3747","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/2237.sh"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/remote/3680.sh","reference_id":"OSVDB-27588;CVE-2006-3747","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/remote/3680.sh"},{"reference_url":"https://usn.ubuntu.com/328-1/","reference_id":"USN-328-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/328-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584260?format=json","purl":"pkg:deb/debian/apache2@2.0.55-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.55-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2006-3747"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qf2e-kgxk-pkhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3857?format=json","vulnerability_id":"VCID-qjeh-n57t-y7g5","summary":"A partial fix for  CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. \"AddType\" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.\n\nUsers are recommended to upgrade to version 2.4.62, which fixes this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40725.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40725.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-40725","reference_id":"","reference_type":"","scores":[{"value":"0.25097","scoring_system":"epss","scoring_elements":"0.96177","published_at":"2026-04-13T12:55:00Z"},{"value":"0.25097","scoring_system":"epss","scoring_elements":"0.96159","published_at":"2026-04-07T12:55:00Z"},{"value":"0.25097","scoring_system":"epss","scoring_elements":"0.96169","published_at":"2026-04-08T12:55:00Z"},{"value":"0.25097","scoring_system":"epss","scoring_elements":"0.96173","published_at":"2026-04-09T12:55:00Z"},{"value":"0.25097","scoring_system":"epss","scoring_elements":"0.96175","published_at":"2026-04-12T12:55:00Z"},{"value":"0.25097","scoring_system":"epss","scoring_elements":"0.96154","published_at":"2026-04-04T12:55:00Z"},{"value":"0.26567","scoring_system":"epss","scoring_elements":"0.96301","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-40725"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40725","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40725"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297362","reference_id":"2297362","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297362"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-40725.json","reference_id":"CVE-2024-40725","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-40725.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://usn.ubuntu.com/6902-1/","reference_id":"USN-6902-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6902-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585557?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585558?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-40725"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qjeh-n57t-y7g5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3830?format=json","vulnerability_id":"VCID-qm7e-n9ay-hufy","summary":"Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to.  This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26377.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26377.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26377","reference_id":"","reference_type":"","scores":[{"value":"0.39296","scoring_system":"epss","scoring_elements":"0.97289","published_at":"2026-04-13T12:55:00Z"},{"value":"0.39296","scoring_system":"epss","scoring_elements":"0.97287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.39296","scoring_system":"epss","scoring_elements":"0.97288","published_at":"2026-04-12T12:55:00Z"},{"value":"0.3988","scoring_system":"epss","scoring_elements":"0.97321","published_at":"2026-04-09T12:55:00Z"},{"value":"0.3988","scoring_system":"epss","scoring_elements":"0.97314","published_at":"2026-04-07T12:55:00Z"},{"value":"0.3988","scoring_system":"epss","scoring_elements":"0.97308","published_at":"2026-04-02T12:55:00Z"},{"value":"0.3988","scoring_system":"epss","scoring_elements":"0.97313","published_at":"2026-04-04T12:55:00Z"},{"value":"0.3988","scoring_system":"epss","scoring_elements":"0.9732","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513","reference_id":"1012513","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012513"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2094997","reference_id":"2094997","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2094997"},{"reference_url":"https://security.archlinux.org/AVG-2763","reference_id":"AVG-2763","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2763"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-26377.json","reference_id":"CVE-2022-26377","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2022-26377.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7647","reference_id":"RHSA-2022:7647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8067","reference_id":"RHSA-2022:8067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://usn.ubuntu.com/5487-1/","reference_id":"USN-5487-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-1/"},{"reference_url":"https://usn.ubuntu.com/5487-3/","reference_id":"USN-5487-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5487-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583306?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583307?format=json","purl":"pkg:deb/debian/apache2@2.4.54-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.54-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-26377"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qm7e-n9ay-hufy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3823?format=json","vulnerability_id":"VCID-qn74-neyt-jkg9","summary":"It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient.  An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives.  \n\nIf files outside of these directories are not protected by the usual default configuration \"require all denied\", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution.\n\nThis issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42013.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42013.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42013","reference_id":"","reference_type":"","scores":[{"value":"0.9441","scoring_system":"epss","scoring_elements":"0.99979","published_at":"2026-04-02T12:55:00Z"},{"value":"0.9441","scoring_system":"epss","scoring_elements":"0.99978","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42013"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/08/1","reference_id":"1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/08/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/09/1","reference_id":"1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/09/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/16/1","reference_id":"1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/16/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/08/2","reference_id":"2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/08/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2011900","reference_id":"2011900","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2011900"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/08/3","reference_id":"3","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/08/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/15/3","reference_id":"3","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/15/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/08/4","reference_id":"4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/08/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/11/4","reference_id":"4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/11/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/08/5","reference_id":"5","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/08/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/07/6","reference_id":"6","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/07/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/10/08/6","reference_id":"6","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/10/08/6"},{"reference_url":"http://packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html","reference_id":"Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html"},{"reference_url":"https://www.povilaika.com/apache-2-4-50-exploit/","reference_id":"apache-2-4-50-exploit","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"https://www.povilaika.com/apache-2-4-50-exploit/"},{"reference_url":"http://packetstormsecurity.com/files/167397/Apache-2.4.50-Remote-Code-Execution.html","reference_id":"Apache-2.4.50-Remote-Code-Execution.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://packetstormsecurity.com/files/167397/Apache-2.4.50-Remote-Code-Execution.html"},{"reference_url":"http://packetstormsecurity.com/files/165089/Apache-HTTP-Server-2.4.50-CVE-2021-42013-Exploitation.html","reference_id":"Apache-HTTP-Server-2.4.50-CVE-2021-42013-Exploitation.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://packetstormsecurity.com/files/165089/Apache-HTTP-Server-2.4.50-CVE-2021-42013-Exploitation.html"},{"reference_url":"http://packetstormsecurity.com/files/164501/Apache-HTTP-Server-2.4.50-Path-Traversal-Code-Execution.html","reference_id":"Apache-HTTP-Server-2.4.50-Path-Traversal-Code-Execution.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://packetstormsecurity.com/files/164501/Apache-HTTP-Server-2.4.50-Path-Traversal-Code-Execution.html"},{"reference_url":"http://packetstormsecurity.com/files/164609/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html","reference_id":"Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://packetstormsecurity.com/files/164609/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html"},{"reference_url":"http://packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html","reference_id":"Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html"},{"reference_url":"https://security.archlinux.org/ASA-202110-1","reference_id":"ASA-202110-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202110-1"},{"reference_url":"https://security.archlinux.org/AVG-2450","reference_id":"AVG-2450","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2450"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-pathtrv-LAzg68cZ","reference_id":"cisco-sa-apache-httpd-pathtrv-LAzg68cZ","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-pathtrv-LAzg68cZ"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50406.sh","reference_id":"CVE-2021-42013","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50406.sh"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50446.sh","reference_id":"CVE-2021-42013","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/50446.sh"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-42013.json","reference_id":"CVE-2021-42013","reference_type":"","scores":[{"value":"critical","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-42013.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"http://jvn.jp/en/jp/JVN51106450/index.html","reference_id":"index.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"http://jvn.jp/en/jp/JVN51106450/index.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211029-0009/","reference_id":"ntap-20211029-0009","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"https://security.netapp.com/advisory/ntap-20211029-0009/"},{"reference_url":"https://lists.apache.org/thread.html/r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E","reference_id":"r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"https://lists.apache.org/thread.html/r17a4c6ce9aff662efd9459e9d1850ab4a611cb23392fc68264c72cb3%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E","reference_id":"r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"https://lists.apache.org/thread.html/r7c795cd45a3384d4d27e57618a215b0ed19cb6ca8eb070061ad5d837%40%3Cannounce.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E","reference_id":"rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"https://lists.apache.org/thread.html/rb5b0e46f179f60b0c70204656bc52fcb558e961cb4d06a971e9e3efb%40%3Cusers.httpd.apache.org%3E"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC/","reference_id":"RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMIIEFINL6FUIOPD2A3M5XC6DH45Y3CC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3/","reference_id":"WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T14:28:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS5RVHOIIRECG65ZBTZY7IEJVWQSQPG3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/586654?format=json","purl":"pkg:deb/debian/apache2@2.4.51-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.51-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-42013"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qn74-neyt-jkg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3687?format=json","vulnerability_id":"VCID-qufv-kta7-1feu","summary":"A NULL pointer dereference flaw in mod_ssl was discovered affecting server configurations where an SSL virtual host is configured with access control and a custom 400 error document. A remote attacker could send a carefully crafted request to trigger this issue which would lead to a crash. This crash would only be a denial of service if using the worker MPM.","references":[{"reference_url":"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U","reference_id":"","reference_type":"","scores":[],"url":"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"},{"reference_url":"http://issues.apache.org/bugzilla/show_bug.cgi?id=37791","reference_id":"","reference_type":"","scores":[],"url":"http://issues.apache.org/bugzilla/show_bug.cgi?id=37791"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"},{"reference_url":"http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=130497311408250&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2006-0159.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2006-0159.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3357.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3357.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3357","reference_id":"","reference_type":"","scores":[{"value":"0.43464","scoring_system":"epss","scoring_elements":"0.97512","published_at":"2026-04-13T12:55:00Z"},{"value":"0.43464","scoring_system":"epss","scoring_elements":"0.97488","published_at":"2026-04-01T12:55:00Z"},{"value":"0.43464","scoring_system":"epss","scoring_elements":"0.97509","published_at":"2026-04-11T12:55:00Z"},{"value":"0.43464","scoring_system":"epss","scoring_elements":"0.97511","published_at":"2026-04-12T12:55:00Z"},{"value":"0.43464","scoring_system":"epss","scoring_elements":"0.97494","published_at":"2026-04-02T12:55:00Z"},{"value":"0.43464","scoring_system":"epss","scoring_elements":"0.97497","published_at":"2026-04-04T12:55:00Z"},{"value":"0.43464","scoring_system":"epss","scoring_elements":"0.97499","published_at":"2026-04-07T12:55:00Z"},{"value":"0.43464","scoring_system":"epss","scoring_elements":"0.97505","published_at":"2026-04-08T12:55:00Z"},{"value":"0.43464","scoring_system":"epss","scoring_elements":"0.97506","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357"},{"reference_url":"http://secunia.com/advisories/18307","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18307"},{"reference_url":"http://secunia.com/advisories/18333","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18333"},{"reference_url":"http://secunia.com/advisories/18339","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18339"},{"reference_url":"http://secunia.com/advisories/18340","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18340"},{"reference_url":"http://secunia.com/advisories/18429","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18429"},{"reference_url":"http://secunia.com/advisories/18517","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18517"},{"reference_url":"http://secunia.com/advisories/18585","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18585"},{"reference_url":"http://secunia.com/advisories/18743","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18743"},{"reference_url":"http://secunia.com/advisories/19012","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19012"},{"reference_url":"http://secunia.com/advisories/21848","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/21848"},{"reference_url":"http://secunia.com/advisories/22233","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/22233"},{"reference_url":"http://secunia.com/advisories/22368","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/22368"},{"reference_url":"http://secunia.com/advisories/22523","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/22523"},{"reference_url":"http://secunia.com/advisories/22669","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/22669"},{"reference_url":"http://secunia.com/advisories/22992","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/22992"},{"reference_url":"http://secunia.com/advisories/23260","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/23260"},{"reference_url":"http://secunia.com/advisories/29849","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/29849"},{"reference_url":"http://secunia.com/advisories/30430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30430"},{"reference_url":"http://securitytracker.com/id?1015447","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1015447"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11467","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11467"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102640-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102640-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"},{"reference_url":"http://svn.apache.org/viewcvs?rev=358026&view=rev","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewcvs?rev=358026&view=rev"},{"reference_url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117","reference_id":"","reference_type":"","scores":[],"url":"http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml"},{"reference_url":"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html"},{"reference_url":"http://www.securityfocus.com/archive/1/425399/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/425399/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/445206/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/445206/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/450315/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/450315/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/16152","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/16152"},{"reference_url":"http://www.trustix.org/errata/2005/0074/","reference_id":"","reference_type":"","scores":[],"url":"http://www.trustix.org/errata/2005/0074/"},{"reference_url":"http://www.ubuntulinux.org/usn/usn-241-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntulinux.org/usn/usn-241-1"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-150A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-150A.html"},{"reference_url":"http://www.vupen.com/english/advisories/2006/0056","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/0056"},{"reference_url":"http://www.vupen.com/english/advisories/2006/3920","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/3920"},{"reference_url":"http://www.vupen.com/english/advisories/2006/3995","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/3995"},{"reference_url":"http://www.vupen.com/english/advisories/2006/4207","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/4207"},{"reference_url":"http://www.vupen.com/english/advisories/2006/4300","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/4300"},{"reference_url":"http://www.vupen.com/english/advisories/2006/4868","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/4868"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1246/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1246/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1697","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1697"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617818","reference_id":"1617818","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617818"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=351246","reference_id":"351246","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=351246"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.54:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.55:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-3357.json","reference_id":"CVE-2005-3357","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-3357.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-3357","reference_id":"CVE-2005-3357","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-3357"},{"reference_url":"https://security.gentoo.org/glsa/200602-03","reference_id":"GLSA-200602-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200602-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0159","reference_id":"RHSA-2006:0159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0159"},{"reference_url":"https://usn.ubuntu.com/241-1/","reference_id":"USN-241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584865?format=json","purl":"pkg:deb/debian/apache2@2.0.55-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.55-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2005-3357"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qufv-kta7-1feu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3848?format=json","vulnerability_id":"VCID-r2pc-wuzb-h7hk","summary":"Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36387.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-36387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-36387","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.3415","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34143","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34186","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34215","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34216","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34173","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34247","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.3428","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-36387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38474"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39573"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295006","reference_id":"2295006","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295006"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-36387.json","reference_id":"CVE-2024-36387","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-36387.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240712-0001/","reference_id":"ntap-20240712-0001","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-22T16:22:03Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240712-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8680","reference_id":"RHSA-2024:8680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3452","reference_id":"RHSA-2025:3452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3453","reference_id":"RHSA-2025:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3453"},{"reference_url":"https://usn.ubuntu.com/6885-1/","reference_id":"USN-6885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6885-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585130?format=json","purl":"pkg:deb/debian/apache2@2.4.60-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.60-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585131?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585132?format=json","purl":"pkg:deb/debian/apache2@2.4.61-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.61-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-36387"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r2pc-wuzb-h7hk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3863?format=json","vulnerability_id":"VCID-r471-g9xs-sbga","summary":"In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption.\n\nConfigurations are affected when mod_ssl is configured for multiple virtual hosts, with each restricted to a different set of trusted client certificates (for example with a different SSLCACertificateFile/Path setting). In such a case, a client trusted to access one virtual host may be able to access another virtual host, if SSLStrictSNIVHostCheck is not enabled in either virtual host.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23048.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23048.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23048","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09386","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09416","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0943","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.094","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09071","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09124","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09292","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09368","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23048","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23048"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374576","reference_id":"2374576","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374576"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2025-23048.json","reference_id":"CVE-2025-23048","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2025-23048.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13680","reference_id":"RHSA-2025:13680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13681","reference_id":"RHSA-2025:13681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14901","reference_id":"RHSA-2025:14901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14902","reference_id":"RHSA-2025:14902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14903","reference_id":"RHSA-2025:14903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15023","reference_id":"RHSA-2025:15023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15095","reference_id":"RHSA-2025:15095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15123","reference_id":"RHSA-2025:15123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15516","reference_id":"RHSA-2025:15516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15619","reference_id":"RHSA-2025:15619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15684","reference_id":"RHSA-2025:15684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15698","reference_id":"RHSA-2025:15698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15698"},{"reference_url":"https://usn.ubuntu.com/7639-1/","reference_id":"USN-7639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-1/"},{"reference_url":"https://usn.ubuntu.com/7639-2/","reference_id":"USN-7639-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584089?format=json","purl":"pkg:deb/debian/apache2@2.4.64-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.64-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584090?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584091?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2025-23048"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r471-g9xs-sbga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3818?format=json","vulnerability_id":"VCID-rdtq-8ng5-53fn","summary":"A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS).\n\nThis issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36160.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36160.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36160","reference_id":"","reference_type":"","scores":[{"value":"0.03716","scoring_system":"epss","scoring_elements":"0.8792","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03716","scoring_system":"epss","scoring_elements":"0.87977","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03716","scoring_system":"epss","scoring_elements":"0.87974","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03716","scoring_system":"epss","scoring_elements":"0.87985","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03716","scoring_system":"epss","scoring_elements":"0.87978","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03716","scoring_system":"epss","scoring_elements":"0.8793","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03716","scoring_system":"epss","scoring_elements":"0.87943","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03716","scoring_system":"epss","scoring_elements":"0.87947","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03716","scoring_system":"epss","scoring_elements":"0.87968","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2005124","reference_id":"2005124","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2005124"},{"reference_url":"https://security.archlinux.org/AVG-2289","reference_id":"AVG-2289","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2289"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-36160.json","reference_id":"CVE-2021-36160","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-36160.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1915","reference_id":"RHSA-2022:1915","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1915"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7143","reference_id":"RHSA-2022:7143","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7143"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7144","reference_id":"RHSA-2022:7144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7144"},{"reference_url":"https://usn.ubuntu.com/5090-1/","reference_id":"USN-5090-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5090-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584440?format=json","purl":"pkg:deb/debian/apache2@2.4.49-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.49-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584441?format=json","purl":"pkg:deb/debian/apache2@2.4.51-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.51-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-36160"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rdtq-8ng5-53fn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3762?format=json","vulnerability_id":"VCID-rfqy-e7pv-dyfy","summary":"Malicious input to mod_auth_digest will cause the server to crash, and each instance continues to crash even for subsequently valid requests.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2161.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2161.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2161","reference_id":"","reference_type":"","scores":[{"value":"0.33186","scoring_system":"epss","scoring_elements":"0.96873","published_at":"2026-04-01T12:55:00Z"},{"value":"0.33186","scoring_system":"epss","scoring_elements":"0.96905","published_at":"2026-04-13T12:55:00Z"},{"value":"0.33186","scoring_system":"epss","scoring_elements":"0.96902","published_at":"2026-04-11T12:55:00Z"},{"value":"0.33186","scoring_system":"epss","scoring_elements":"0.96904","published_at":"2026-04-12T12:55:00Z"},{"value":"0.33186","scoring_system":"epss","scoring_elements":"0.9688","published_at":"2026-04-02T12:55:00Z"},{"value":"0.33186","scoring_system":"epss","scoring_elements":"0.96885","published_at":"2026-04-04T12:55:00Z"},{"value":"0.33186","scoring_system":"epss","scoring_elements":"0.9689","published_at":"2026-04-07T12:55:00Z"},{"value":"0.33186","scoring_system":"epss","scoring_elements":"0.96898","published_at":"2026-04-08T12:55:00Z"},{"value":"0.33186","scoring_system":"epss","scoring_elements":"0.96899","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406753","reference_id":"1406753","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406753"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-2161.json","reference_id":"CVE-2016-2161","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-2161.json"},{"reference_url":"https://security.gentoo.org/glsa/201701-36","reference_id":"GLSA-201701-36","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0906","reference_id":"RHSA-2017:0906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1161","reference_id":"RHSA-2017:1161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1413","reference_id":"RHSA-2017:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1414","reference_id":"RHSA-2017:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1415","reference_id":"RHSA-2017:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1415"},{"reference_url":"https://usn.ubuntu.com/3279-1/","reference_id":"USN-3279-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3279-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582509?format=json","purl":"pkg:deb/debian/apache2@2.4.25-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2016-2161"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rfqy-e7pv-dyfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3678?format=json","vulnerability_id":"VCID-rhhj-jhej-gfcj","summary":"An issue was discovered where the field length limit was not enforced for certain malicious requests. This could allow a remote attacker who is able to send large amounts of data to a server the ability to cause Apache children to consume proportional amounts of memory, leading to a denial of service.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"},{"reference_url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028248.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028248.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=110384374213596&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=110384374213596&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0942.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0942.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0942","reference_id":"","reference_type":"","scores":[{"value":"0.79222","scoring_system":"epss","scoring_elements":"0.99068","published_at":"2026-04-13T12:55:00Z"},{"value":"0.79222","scoring_system":"epss","scoring_elements":"0.99066","published_at":"2026-04-08T12:55:00Z"},{"value":"0.79222","scoring_system":"epss","scoring_elements":"0.99067","published_at":"2026-04-11T12:55:00Z"},{"value":"0.79222","scoring_system":"epss","scoring_elements":"0.99058","published_at":"2026-04-01T12:55:00Z"},{"value":"0.79222","scoring_system":"epss","scoring_elements":"0.99059","published_at":"2026-04-02T12:55:00Z"},{"value":"0.79222","scoring_system":"epss","scoring_elements":"0.99063","published_at":"2026-04-04T12:55:00Z"},{"value":"0.79222","scoring_system":"epss","scoring_elements":"0.99065","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0942"},{"reference_url":"http://secunia.com/advisories/19072","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19072"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17930","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17930"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10962","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10962"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"},{"reference_url":"http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123","reference_id":"","reference_type":"","scores":[],"url":"http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01123"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2004:135","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2004:135"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2004-562.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2004-562.html"},{"reference_url":"http://www.trustix.org/errata/2004/0061/","reference_id":"","reference_type":"","scores":[],"url":"http://www.trustix.org/errata/2004/0061/"},{"reference_url":"http://www.vupen.com/english/advisories/2006/0789","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/0789"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617326","reference_id":"1617326","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617326"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0942.json","reference_id":"CVE-2004-0942","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0942.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2004-0942","reference_id":"CVE-2004-0942","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2004-0942"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/855.pl","reference_id":"OSVDB-11391;CVE-2004-0942","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/855.pl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:562","reference_id":"RHSA-2004:562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:562"},{"reference_url":"https://usn.ubuntu.com/23-1/","reference_id":"USN-23-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/23-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585687?format=json","purl":"pkg:deb/debian/apache2@2.0.52-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.52-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2004-0942"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rhhj-jhej-gfcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3737?format=json","vulnerability_id":"VCID-rhk3-ujc1-q7fj","summary":"Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0815.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0815.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3499.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3499.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3499","reference_id":"","reference_type":"","scores":[{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93186","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93158","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93183","published_at":"2026-04-09T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93188","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93168","published_at":"2026-04-02T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93172","published_at":"2026-04-04T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.9317","published_at":"2026-04-07T12:55:00Z"},{"value":"0.10341","scoring_system":"epss","scoring_elements":"0.93179","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499"},{"reference_url":"http://secunia.com/advisories/55032","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/55032"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19312","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19312"},{"reference_url":"http://support.apple.com/kb/HT5880","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT5880"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_info.c?r1=1225799&r2=1413732&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_info.c?r1=1225799&r2=1413732&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1389564&r2=1413732&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1389564&r2=1413732&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ldap/util_ldap_cache_mgr.c?r1=1209766&r2=1418752&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ldap/util_ldap_cache_mgr.c?r1=1209766&r2=1418752&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_imagemap.c?r1=1398480&r2=1413732&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_imagemap.c?r1=1398480&r2=1413732&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_ftp.c?r1=1404625&r2=1413732&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_ftp.c?r1=1404625&r2=1413732&diff_format=h"},{"reference_url":"http://www.debian.org/security/2013/dsa-2637","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2013/dsa-2637"},{"reference_url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"},{"reference_url":"http://www.securityfocus.com/bid/58165","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/58165"},{"reference_url":"http://www.securityfocus.com/bid/64758","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/64758"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=915883","reference_id":"915883","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=915883"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-3499.json","reference_id":"CVE-2012-3499","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-3499.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3499","reference_id":"CVE-2012-3499","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3499"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0815","reference_id":"RHSA-2013:0815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1011","reference_id":"RHSA-2013:1011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1012","reference_id":"RHSA-2013:1012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1013","reference_id":"RHSA-2013:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1207","reference_id":"RHSA-2013:1207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1208","reference_id":"RHSA-2013:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1209","reference_id":"RHSA-2013:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1209"},{"reference_url":"https://usn.ubuntu.com/1765-1/","reference_id":"USN-1765-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1765-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585286?format=json","purl":"pkg:deb/debian/apache2@2.2.22-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-13%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2012-3499"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rhk3-ujc1-q7fj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3752?format=json","vulnerability_id":"VCID-rhwb-4vyp-8kf2","summary":"A flaw was found in the WinNT MPM in httpd versions 2.4.1 to 2.4.9, when using the default AcceptFilter for that platform. A remote attacker could send carefully crafted requests that would leak memory and eventually lead to a denial of service against the server.","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3523.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3523.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3523","reference_id":"","reference_type":"","scores":[{"value":"0.35235","scoring_system":"epss","scoring_elements":"0.9701","published_at":"2026-04-01T12:55:00Z"},{"value":"0.35235","scoring_system":"epss","scoring_elements":"0.97037","published_at":"2026-04-13T12:55:00Z"},{"value":"0.35235","scoring_system":"epss","scoring_elements":"0.97033","published_at":"2026-04-09T12:55:00Z"},{"value":"0.35235","scoring_system":"epss","scoring_elements":"0.97036","published_at":"2026-04-12T12:55:00Z"},{"value":"0.35235","scoring_system":"epss","scoring_elements":"0.97018","published_at":"2026-04-02T12:55:00Z"},{"value":"0.35235","scoring_system":"epss","scoring_elements":"0.97022","published_at":"2026-04-07T12:55:00Z"},{"value":"0.35235","scoring_system":"epss","scoring_elements":"0.97032","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3523"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c?r1=1608785&r2=1610652&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/winnt/child.c?r1=1608785&r2=1610652&diff_format=h"},{"reference_url":"http://www.securityfocus.com/bid/68747","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/68747"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1121519","reference_id":"1121519","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1121519"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-3523.json","reference_id":"CVE-2014-3523","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-3523.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3523","reference_id":"CVE-2014-3523","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3523"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2014-3523"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rhwb-4vyp-8kf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3781?format=json","vulnerability_id":"VCID-scf1-zmu7-e3b2","summary":"A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.33 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of mod_cache_socache.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1303.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1303.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1303","reference_id":"","reference_type":"","scores":[{"value":"0.40137","scoring_system":"epss","scoring_elements":"0.97315","published_at":"2026-04-01T12:55:00Z"},{"value":"0.40137","scoring_system":"epss","scoring_elements":"0.97337","published_at":"2026-04-13T12:55:00Z"},{"value":"0.40137","scoring_system":"epss","scoring_elements":"0.97333","published_at":"2026-04-09T12:55:00Z"},{"value":"0.40137","scoring_system":"epss","scoring_elements":"0.97335","published_at":"2026-04-11T12:55:00Z"},{"value":"0.40137","scoring_system":"epss","scoring_elements":"0.97336","published_at":"2026-04-12T12:55:00Z"},{"value":"0.40137","scoring_system":"epss","scoring_elements":"0.97321","published_at":"2026-04-02T12:55:00Z"},{"value":"0.40137","scoring_system":"epss","scoring_elements":"0.97325","published_at":"2026-04-04T12:55:00Z"},{"value":"0.40137","scoring_system":"epss","scoring_elements":"0.97326","published_at":"2026-04-07T12:55:00Z"},{"value":"0.40137","scoring_system":"epss","scoring_elements":"0.97332","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560399","reference_id":"1560399","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560399"},{"reference_url":"https://security.archlinux.org/ASA-201804-4","reference_id":"ASA-201804-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201804-4"},{"reference_url":"https://security.archlinux.org/AVG-664","reference_id":"AVG-664","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-664"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2018-1303.json","reference_id":"CVE-2018-1303","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2018-1303.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0366","reference_id":"RHSA-2019:0366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0367","reference_id":"RHSA-2019:0367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3958","reference_id":"RHSA-2020:3958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3958"},{"reference_url":"https://usn.ubuntu.com/3627-1/","reference_id":"USN-3627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3627-1/"},{"reference_url":"https://usn.ubuntu.com/3627-2/","reference_id":"USN-3627-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3627-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584735?format=json","purl":"pkg:deb/debian/apache2@2.4.33-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.33-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2018-1303"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scf1-zmu7-e3b2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3694?format=json","vulnerability_id":"VCID-srxw-jjvr-p3d5","summary":"The Apache HTTP server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the HTTP server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service.","references":[{"reference_url":"ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc","reference_id":"","reference_type":"","scores":[],"url":"ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"},{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=186219","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=186219"},{"reference_url":"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111","reference_id":"","reference_type":"","scores":[],"url":"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245111"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01182588"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_13.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_13.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_20.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_20.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html"},{"reference_url":"http://lists.vmware.com/pipermail/security-announce/2009/000062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.vmware.com/pipermail/security-announce/2009/000062.html"},{"reference_url":"http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.GA15192%40redhat.com%3e","reference_id":"","reference_type":"","scores":[],"url":"http://mail-archives.apache.org/mod_mbox/httpd-dev/200706.mbox/%3c20070629141032.GA15192%40redhat.com%3e"},{"reference_url":"http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=apache-httpd-dev&m=118252946632447&w=2"},{"reference_url":"http://osvdb.org/38939","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/38939"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2007-0556.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2007-0556.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3304.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3304.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3304","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26977","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27093","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27078","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27034","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27133","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27169","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26961","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27029","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27075","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304"},{"reference_url":"http://secunia.com/advisories/25827","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25827"},{"reference_url":"http://secunia.com/advisories/25830","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25830"},{"reference_url":"http://secunia.com/advisories/25920","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25920"},{"reference_url":"http://secunia.com/advisories/26211","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26211"},{"reference_url":"http://secunia.com/advisories/26273","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26273"},{"reference_url":"http://secunia.com/advisories/26443","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26443"},{"reference_url":"http://secunia.com/advisories/26508","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26508"},{"reference_url":"http://secunia.com/advisories/26611","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26611"},{"reference_url":"http://secunia.com/advisories/26759","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26759"},{"reference_url":"http://secunia.com/advisories/26790","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26790"},{"reference_url":"http://secunia.com/advisories/26822","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26822"},{"reference_url":"http://secunia.com/advisories/26842","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26842"},{"reference_url":"http://secunia.com/advisories/26993","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26993"},{"reference_url":"http://secunia.com/advisories/27121","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/27121"},{"reference_url":"http://secunia.com/advisories/27209","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/27209"},{"reference_url":"http://secunia.com/advisories/27563","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/27563"},{"reference_url":"http://secunia.com/advisories/27732","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/27732"},{"reference_url":"http://secunia.com/advisories/28212","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/28212"},{"reference_url":"http://secunia.com/advisories/28224","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/28224"},{"reference_url":"http://secunia.com/advisories/28606","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/28606"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200711-06.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200711-06.xml"},{"reference_url":"http://security.psnc.pl/files/apache_report.pdf","reference_id":"","reference_type":"","scores":[],"url":"http://security.psnc.pl/files/apache_report.pdf"},{"reference_url":"http://securityreason.com/securityalert/2814","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/2814"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/35095","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/35095"},{"reference_url":"https://issues.rpath.com/browse/RPL-1710","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1710"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11589","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11589"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103179-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-200032-1"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2007-353.htm"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2007-363.htm"},{"reference_url":"http://svn.apache.org/viewvc?view=rev&revision=547987","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=rev&revision=547987"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK52702"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK53984","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=swg1PK53984"},{"reference_url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PK50467&apar=only","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/search.wss?rs=0&q=PK50467&apar=only"},{"reference_url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.fujitsu.com/global/support/software/security/products-f/interstage-200802e.html"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:140","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:140"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:142"},{"reference_url":"http://www.novell.com/linux/security/advisories/2007_61_apache2.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2007_61_apache2.html"},{"reference_url":"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/archives/fedora-package-announce/2007-September/msg00320.html"},{"reference_url":"http://www.redhat.com/errata/RHSA-2007-0532.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/errata/RHSA-2007-0532.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0557.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0557.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0662.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0662.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0261.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0261.html"},{"reference_url":"http://www.securityfocus.com/archive/1/469899/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/469899/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/471832/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/471832/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/505990/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/505990/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/24215","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/24215"},{"reference_url":"http://www.securitytracker.com/id?1018304","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1018304"},{"reference_url":"http://www.trustix.org/errata/2007/0026/","reference_id":"","reference_type":"","scores":[],"url":"http://www.trustix.org/errata/2007/0026/"},{"reference_url":"http://www.ubuntu.com/usn/usn-499-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-499-1"},{"reference_url":"http://www.vupen.com/english/advisories/2007/2727","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/2727"},{"reference_url":"http://www.vupen.com/english/advisories/2007/3100","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/3100"},{"reference_url":"http://www.vupen.com/english/advisories/2007/3283","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/3283"},{"reference_url":"http://www.vupen.com/english/advisories/2007/3420","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/3420"},{"reference_url":"http://www.vupen.com/english/advisories/2007/3494","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/3494"},{"reference_url":"http://www.vupen.com/english/advisories/2007/4305","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/4305"},{"reference_url":"http://www.vupen.com/english/advisories/2008/0233","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/0233"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=245111","reference_id":"245111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=245111"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-3304.json","reference_id":"CVE-2007-3304","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-3304.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-3304","reference_id":"CVE-2007-3304","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-3304"},{"reference_url":"https://security.gentoo.org/glsa/200711-06","reference_id":"GLSA-200711-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0532","reference_id":"RHSA-2007:0532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0556","reference_id":"RHSA-2007:0556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0557","reference_id":"RHSA-2007:0557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0662","reference_id":"RHSA-2007:0662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0263","reference_id":"RHSA-2008:0263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"},{"reference_url":"https://usn.ubuntu.com/499-1/","reference_id":"USN-499-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/499-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585269?format=json","purl":"pkg:deb/debian/apache2@2.2.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-3304"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-srxw-jjvr-p3d5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3701?format=json","vulnerability_id":"VCID-ss79-kcpu-mqd5","summary":"A workaround was added in the mod_proxy_ftp module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0005","reference_id":"","reference_type":"","scores":[{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85758","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85683","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85695","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85713","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.8572","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85739","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.8575","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85765","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85761","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427739","reference_id":"427739","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427739"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2008-0005.json","reference_id":"CVE-2008-0005","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2008-0005.json"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0007","reference_id":"RHSA-2008:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583259?format=json","purl":"pkg:deb/debian/apache2@2.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2008-0005"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ss79-kcpu-mqd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3740?format=json","vulnerability_id":"VCID-ssvj-7g27-1ug6","summary":"A XSS flaw affected the mod_proxy_balancer manager interface.","references":[{"reference_url":"http://httpd.apache.org/security/vulnerabilities_22.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_22.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101196.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=136612293908376&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0815.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0815.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1207.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1208.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1209.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4558.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4558.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4558","reference_id":"","reference_type":"","scores":[{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96502","published_at":"2026-04-13T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96466","published_at":"2026-04-01T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96495","published_at":"2026-04-09T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96499","published_at":"2026-04-12T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96475","published_at":"2026-04-02T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.9648","published_at":"2026-04-04T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96484","published_at":"2026-04-07T12:55:00Z"},{"value":"0.28235","scoring_system":"epss","scoring_elements":"0.96492","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4558"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18977","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18977"},{"reference_url":"http://support.apple.com/kb/HT5880","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT5880"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c?r1=1404653&r2=1413732&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_balancer.c?r1=1404653&r2=1413732&diff_format=h"},{"reference_url":"http://www.debian.org/security/2013/dsa-2637","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2013/dsa-2637"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"},{"reference_url":"http://www.securityfocus.com/bid/58165","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/58165"},{"reference_url":"http://www.securityfocus.com/bid/64758","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/64758"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=915884","reference_id":"915884","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=915884"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-4558.json","reference_id":"CVE-2012-4558","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-4558.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4558","reference_id":"CVE-2012-4558","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0815","reference_id":"RHSA-2013:0815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1011","reference_id":"RHSA-2013:1011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1012","reference_id":"RHSA-2013:1012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1013","reference_id":"RHSA-2013:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1207","reference_id":"RHSA-2013:1207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1208","reference_id":"RHSA-2013:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1209","reference_id":"RHSA-2013:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1209"},{"reference_url":"https://usn.ubuntu.com/1765-1/","reference_id":"USN-1765-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1765-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585286?format=json","purl":"pkg:deb/debian/apache2@2.2.22-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-13%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2012-4558"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ssvj-7g27-1ug6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3698?format=json","vulnerability_id":"VCID-svyk-az69-qbfw","summary":"The mod_proxy_balancer provided an administrative interface that could be vulnerable to cross-site request forgery (CSRF) attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6420.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6420.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6420","reference_id":"","reference_type":"","scores":[{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90268","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90223","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90226","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90239","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90243","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90259","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90266","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90274","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05544","scoring_system":"epss","scoring_elements":"0.90273","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6420"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6420","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6420"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=471009","reference_id":"471009","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=471009"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-6420.json","reference_id":"CVE-2007-6420","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-6420.json"},{"reference_url":"https://security.gentoo.org/glsa/200807-06","reference_id":"GLSA-200807-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-06"},{"reference_url":"https://usn.ubuntu.com/731-1/","reference_id":"USN-731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/731-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585525?format=json","purl":"pkg:deb/debian/apache2@2.2.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2007-6420"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-svyk-az69-qbfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3648?format=json","vulnerability_id":"VCID-t3d9-1ebn-bbdx","summary":"A flaw was found in handling of versioning hooks in mod_dav. An attacker could send a carefully crafted request in such a way to cause the child process handling the connection to crash. This issue will only result in a denial of service where a threaded process model is in use.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1593","reference_id":"","reference_type":"","scores":[{"value":"0.39006","scoring_system":"epss","scoring_elements":"0.97273","published_at":"2026-04-13T12:55:00Z"},{"value":"0.39006","scoring_system":"epss","scoring_elements":"0.97271","published_at":"2026-04-11T12:55:00Z"},{"value":"0.39006","scoring_system":"epss","scoring_elements":"0.97272","published_at":"2026-04-12T12:55:00Z"},{"value":"0.39006","scoring_system":"epss","scoring_elements":"0.97248","published_at":"2026-04-01T12:55:00Z"},{"value":"0.39006","scoring_system":"epss","scoring_elements":"0.97254","published_at":"2026-04-02T12:55:00Z"},{"value":"0.39006","scoring_system":"epss","scoring_elements":"0.97259","published_at":"2026-04-04T12:55:00Z"},{"value":"0.39006","scoring_system":"epss","scoring_elements":"0.9726","published_at":"2026-04-07T12:55:00Z"},{"value":"0.39006","scoring_system":"epss","scoring_elements":"0.97266","published_at":"2026-04-08T12:55:00Z"},{"value":"0.39006","scoring_system":"epss","scoring_elements":"0.97267","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1593"},{"reference_url":"http://securitytracker.com/id?1005285","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1005285"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/10208","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/10208"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd00b45b93fda4a5bd013b28587207d0e00f99f6e3308dbb6025f3b01%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"http://www.apache.org/dist/httpd/CHANGES_2.0","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/httpd/CHANGES_2.0"},{"reference_url":"http://www.kb.cert.org/vuls/id/406121","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/406121"},{"reference_url":"http://www.securityfocus.com/bid/5816","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/5816"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2002-1593.json","reference_id":"CVE-2002-1593","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2002-1593.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2002-1593","reference_id":"CVE-2002-1593","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2002-1593"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585233?format=json","purl":"pkg:deb/debian/apache2@2.0.42?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.42%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2002-1593"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t3d9-1ebn-bbdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3806?format=json","vulnerability_id":"VCID-t67v-c4gx-ukbj","summary":"In Apache HTTP Server versions 2.4.32 to 2.4.43, mod_proxy_uwsgi has a information disclosure and possible RCE","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11984.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11984.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11984","reference_id":"","reference_type":"","scores":[{"value":"0.75348","scoring_system":"epss","scoring_elements":"0.98877","published_at":"2026-04-01T12:55:00Z"},{"value":"0.75348","scoring_system":"epss","scoring_elements":"0.98887","published_at":"2026-04-13T12:55:00Z"},{"value":"0.75348","scoring_system":"epss","scoring_elements":"0.98885","published_at":"2026-04-08T12:55:00Z"},{"value":"0.75348","scoring_system":"epss","scoring_elements":"0.98886","published_at":"2026-04-12T12:55:00Z"},{"value":"0.75348","scoring_system":"epss","scoring_elements":"0.98879","published_at":"2026-04-02T12:55:00Z"},{"value":"0.75348","scoring_system":"epss","scoring_elements":"0.98881","published_at":"2026-04-04T12:55:00Z"},{"value":"0.75348","scoring_system":"epss","scoring_elements":"0.98883","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1866563","reference_id":"1866563","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1866563"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2020-11984.json","reference_id":"CVE-2020-11984","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2020-11984.json"},{"reference_url":"https://security.gentoo.org/glsa/202008-04","reference_id":"GLSA-202008-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4383","reference_id":"RHSA-2020:4383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4384","reference_id":"RHSA-2020:4384","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4384"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1809","reference_id":"RHSA-2021:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1809"},{"reference_url":"https://usn.ubuntu.com/4458-1/","reference_id":"USN-4458-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4458-1/"},{"reference_url":"https://usn.ubuntu.com/5054-1/","reference_id":"USN-5054-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5054-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5054-2/","reference_id":"USN-USN-5054-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5054-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585940?format=json","purl":"pkg:deb/debian/apache2@2.4.46-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.46-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2020-11984"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t67v-c4gx-ukbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3707?format=json","vulnerability_id":"VCID-t95h-xhtm-zbdv","summary":"A flaw was found in the handling of the \"Options\" and \"AllowOverride\" directives. In configurations using the \"AllowOverride\" directive with certain \"Options=\" arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1195.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1195.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1195","reference_id":"","reference_type":"","scores":[{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40735","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40677","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.4076","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40788","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40712","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40762","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40769","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40754","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1195"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=489436","reference_id":"489436","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=489436"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530834","reference_id":"530834","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530834"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-1195.json","reference_id":"CVE-2009-1195","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-1195.json"},{"reference_url":"https://security.gentoo.org/glsa/200907-04","reference_id":"GLSA-200907-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200907-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1075","reference_id":"RHSA-2009:1075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1155","reference_id":"RHSA-2009:1155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1160","reference_id":"RHSA-2009:1160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1160"},{"reference_url":"https://usn.ubuntu.com/787-1/","reference_id":"USN-787-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/787-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586188?format=json","purl":"pkg:deb/debian/apache2@2.2.11-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.11-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2009-1195"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t95h-xhtm-zbdv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3657?format=json","vulnerability_id":"VCID-tbdg-kev6-5uep","summary":"A vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0245.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0245.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0245","reference_id":"","reference_type":"","scores":[{"value":"0.84076","scoring_system":"epss","scoring_elements":"0.99308","published_at":"2026-04-12T12:55:00Z"},{"value":"0.84076","scoring_system":"epss","scoring_elements":"0.99307","published_at":"2026-04-13T12:55:00Z"},{"value":"0.85319","scoring_system":"epss","scoring_elements":"0.99357","published_at":"2026-04-04T12:55:00Z"},{"value":"0.85319","scoring_system":"epss","scoring_elements":"0.99359","published_at":"2026-04-07T12:55:00Z"},{"value":"0.85319","scoring_system":"epss","scoring_elements":"0.99361","published_at":"2026-04-09T12:55:00Z"},{"value":"0.85319","scoring_system":"epss","scoring_elements":"0.9936","published_at":"2026-04-08T12:55:00Z"},{"value":"0.85319","scoring_system":"epss","scoring_elements":"0.99355","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0245"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0245","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0245"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617006","reference_id":"1617006","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617006"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2003-0245.json","reference_id":"CVE-2003-0245","reference_type":"","scores":[{"value":"critical","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2003-0245.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/38.pl","reference_id":"OSVDB-4340;CVE-2003-0245","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/38.pl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:186","reference_id":"RHSA-2003:186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:186"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582374?format=json","purl":"pkg:deb/debian/apache2@2.0.46?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.46%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2003-0245"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tbdg-kev6-5uep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3750?format=json","vulnerability_id":"VCID-tbud-pwyt-aye9","summary":"A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0304.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0304.html"},{"reference_url":"http://advisories.mageia.org/MGASA-2014-0305.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0305.html"},{"reference_url":"http://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"http://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=143403519711434&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143403519711434&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=143748090628601&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144493176821532&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1019.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1019.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1020.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1020.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1021.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1021.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0226","reference_id":"","reference_type":"","scores":[{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98892","published_at":"2026-04-13T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98882","published_at":"2026-04-01T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98889","published_at":"2026-04-08T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98891","published_at":"2026-04-12T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98884","published_at":"2026-04-02T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98885","published_at":"2026-04-04T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98888","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231"},{"reference_url":"http://seclists.org/fulldisclosure/2014/Jul/114","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2014/Jul/114"},{"reference_url":"http://secunia.com/advisories/60536","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60536"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201408-12.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201408-12.xml"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246","reference_id":"","reference_type":"","scores":[],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://puppet.com/security/cve/cve-2014-0226","reference_id":"","reference_type":"","scores":[],"url":"https://puppet.com/security/cve/cve-2014-0226"},{"reference_url":"https://support.apple.com/HT204659","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT204659"},{"reference_url":"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/CHANGES"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/generators/mod_status.c?r1=1450998&r2=1610491&diff_format=h"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c"},{"reference_url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?r1=1588989&r2=1610491&diff_format=h"},{"reference_url":"https://www.povonsec.com/apache-2-4-7-exploit/","reference_id":"","reference_type":"","scores":[],"url":"https://www.povonsec.com/apache-2-4-7-exploit/"},{"reference_url":"http://www.debian.org/security/2014/dsa-2989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2014/dsa-2989"},{"reference_url":"http://www.exploit-db.com/exploits/34133","reference_id":"","reference_type":"","scores":[],"url":"http://www.exploit-db.com/exploits/34133"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:142"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"},{"reference_url":"http://www.osvdb.org/109216","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/109216"},{"reference_url":"http://www.securityfocus.com/bid/68678","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/68678"},{"reference_url":"http://zerodayinitiative.com/advisories/ZDI-14-236/","reference_id":"","reference_type":"","scores":[],"url":"http://zerodayinitiative.com/advisories/ZDI-14-236/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120603","reference_id":"1120603","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120603"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:11.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:10.1.3.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:11.1.1.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.63:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:4.71:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:secure_global_desktop:5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-0226.json","reference_id":"CVE-2014-0226","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-0226.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0226","reference_id":"CVE-2014-0226","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-0226"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt","reference_id":"CVE-2014-0226;OSVDB-109216","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt"},{"reference_url":"https://security.gentoo.org/glsa/201408-12","reference_id":"GLSA-201408-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-12"},{"reference_url":"https://security.gentoo.org/glsa/201504-03","reference_id":"GLSA-201504-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201504-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0920","reference_id":"RHSA-2014:0920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0921","reference_id":"RHSA-2014:0921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0922","reference_id":"RHSA-2014:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1019","reference_id":"RHSA-2014:1019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1020","reference_id":"RHSA-2014:1020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1021","reference_id":"RHSA-2014:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1086","reference_id":"RHSA-2014:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1087","reference_id":"RHSA-2014:1087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1088","reference_id":"RHSA-2014:1088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1088"},{"reference_url":"https://usn.ubuntu.com/2299-1/","reference_id":"USN-2299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2299-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582592?format=json","purl":"pkg:deb/debian/apache2@2.4.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2014-0226"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tbud-pwyt-aye9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3757?format=json","vulnerability_id":"VCID-tcmz-a5dq-d7cj","summary":"A crash in ErrorDocument handling was found. If ErrorDocument 400 was configured pointing to a local URL-path with the INCLUDES filter active, a NULL dereference would occur when handling the error, causing the child process to crash. This issue affected the 2.4.12 release only.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0253.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0253.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0253","reference_id":"","reference_type":"","scores":[{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.93288","published_at":"2026-04-12T12:55:00Z"},{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.9326","published_at":"2026-04-01T12:55:00Z"},{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.93268","published_at":"2026-04-02T12:55:00Z"},{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.93274","published_at":"2026-04-04T12:55:00Z"},{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.93272","published_at":"2026-04-07T12:55:00Z"},{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.93281","published_at":"2026-04-08T12:55:00Z"},{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.93286","published_at":"2026-04-09T12:55:00Z"},{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.93289","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0253"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1243891","reference_id":"1243891","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1243891"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2015-0253.json","reference_id":"CVE-2015-0253","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2015-0253.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1666","reference_id":"RHSA-2015:1666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1666"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2015-0253"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tcmz-a5dq-d7cj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3868?format=json","vulnerability_id":"VCID-td8g-tmny-jyaa","summary":"An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds.\n\nThis issue affects Apache HTTP Server: from 2.4.30 before 2.4.66.\n\n\nUsers are recommended to upgrade to version 2.4.66, which fixes the issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55753.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55753.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55753","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22106","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22156","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28298","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28396","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28399","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28356","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28287","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28352","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55753"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926","reference_id":"1121926","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419140","reference_id":"2419140","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419140"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2025-55753.json","reference_id":"CVE-2025-55753","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2025-55753.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23732","reference_id":"RHSA-2025:23732","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23732"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23738","reference_id":"RHSA-2025:23738","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23739","reference_id":"RHSA-2025:23739","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0009","reference_id":"RHSA-2026:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0010","reference_id":"RHSA-2026:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0011","reference_id":"RHSA-2026:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0012","reference_id":"RHSA-2026:0012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0029","reference_id":"RHSA-2026:0029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0030","reference_id":"RHSA-2026:0030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0092","reference_id":"RHSA-2026:0092","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0092"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0093","reference_id":"RHSA-2026:0093","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0094","reference_id":"RHSA-2026:0094","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0094"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2994","reference_id":"RHSA-2026:2994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2995","reference_id":"RHSA-2026:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2995"},{"reference_url":"https://usn.ubuntu.com/7968-1/","reference_id":"USN-7968-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7968-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583891?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583892?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583893?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2025-55753"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-td8g-tmny-jyaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41885?format=json","vulnerability_id":"VCID-thb2-u6hh-3bcz","summary":"Multiple vulnerabilities in Apache might lead to a Denial of Service.","references":[{"reference_url":"http://bugs.gentoo.org/show_bug.cgi?id=222643","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.gentoo.org/show_bug.cgi?id=222643"},{"reference_url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html"},{"reference_url":"http://marc.info/?l=openssl-dev&m=121060672602371&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=openssl-dev&m=121060672602371&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1678.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1678.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1678","reference_id":"","reference_type":"","scores":[{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92598","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92562","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92568","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92574","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92576","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92587","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92592","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08958","scoring_system":"epss","scoring_elements":"0.92597","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1678"},{"reference_url":"https://bugs.edge.launchpad.net/bugs/186339","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.edge.launchpad.net/bugs/186339"},{"reference_url":"https://bugs.edge.launchpad.net/bugs/224945","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.edge.launchpad.net/bugs/224945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678"},{"reference_url":"http://secunia.com/advisories/31026","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31026"},{"reference_url":"http://secunia.com/advisories/31416","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31416"},{"reference_url":"http://secunia.com/advisories/32222","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32222"},{"reference_url":"http://secunia.com/advisories/34219","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/34219"},{"reference_url":"http://secunia.com/advisories/35264","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/35264"},{"reference_url":"http://secunia.com/advisories/38761","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/38761"},{"reference_url":"http://secunia.com/advisories/42724","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42724"},{"reference_url":"http://secunia.com/advisories/42733","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42733"},{"reference_url":"http://secunia.com/advisories/44183","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44183"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200807-06.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200807-06.xml"},{"reference_url":"http://securityreason.com/securityalert/3981","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/3981"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43948","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43948"},{"reference_url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=44975","reference_id":"","reference_type":"","scores":[],"url":"https://issues.apache.org/bugzilla/show_bug.cgi?id=44975"},{"reference_url":"https://kb.bluecoat.com/index?page=content&id=SA50","reference_id":"","reference_type":"","scores":[],"url":"https://kb.bluecoat.com/index?page=content&id=SA50"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9754","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9754"},{"reference_url":"http://support.apple.com/kb/HT3216","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3216"},{"reference_url":"http://svn.apache.org/viewvc?view=rev&revision=654119","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=rev&revision=654119"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00055.html"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:124","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2009:124"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2009-1075.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2009-1075.html"},{"reference_url":"http://www.securityfocus.com/bid/31681","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31681"},{"reference_url":"http://www.securityfocus.com/bid/31692","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/31692"},{"reference_url":"http://www.ubuntu.com/usn/USN-731-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-731-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2780","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2780"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=447268","reference_id":"447268","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=447268"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-1678","reference_id":"CVE-2008-1678","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-1678"},{"reference_url":"https://security.gentoo.org/glsa/200807-06","reference_id":"GLSA-200807-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1075","reference_id":"RHSA-2009:1075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1075"},{"reference_url":"https://usn.ubuntu.com/731-1/","reference_id":"USN-731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/731-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583253?format=json","purl":"pkg:deb/debian/apache2@2.2.8-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2008-1678"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-thb2-u6hh-3bcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3766?format=json","vulnerability_id":"VCID-tkm7-pyue-7ffj","summary":"The HTTP/2 protocol implementation (mod_http2) had an incomplete handling of the LimitRequestFields directive. This allowed an attacker to inject unlimited request headers into the server, leading to eventual memory exhaustion.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8740.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8740.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8740","reference_id":"","reference_type":"","scores":[{"value":"0.68259","scoring_system":"epss","scoring_elements":"0.98589","published_at":"2026-04-01T12:55:00Z"},{"value":"0.68259","scoring_system":"epss","scoring_elements":"0.98603","published_at":"2026-04-13T12:55:00Z"},{"value":"0.68259","scoring_system":"epss","scoring_elements":"0.98601","published_at":"2026-04-11T12:55:00Z"},{"value":"0.68259","scoring_system":"epss","scoring_elements":"0.98602","published_at":"2026-04-12T12:55:00Z"},{"value":"0.68259","scoring_system":"epss","scoring_elements":"0.9859","published_at":"2026-04-02T12:55:00Z"},{"value":"0.68259","scoring_system":"epss","scoring_elements":"0.98594","published_at":"2026-04-04T12:55:00Z"},{"value":"0.68259","scoring_system":"epss","scoring_elements":"0.98595","published_at":"2026-04-07T12:55:00Z"},{"value":"0.68259","scoring_system":"epss","scoring_elements":"0.98598","published_at":"2026-04-08T12:55:00Z"},{"value":"0.68259","scoring_system":"epss","scoring_elements":"0.98599","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8740"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1401528","reference_id":"1401528","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1401528"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847124","reference_id":"847124","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847124"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40909.py","reference_id":"CVE-2016-8740","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40909.py"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-8740.json","reference_id":"CVE-2016-8740","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-8740.json"},{"reference_url":"https://security.gentoo.org/glsa/201701-36","reference_id":"GLSA-201701-36","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1161","reference_id":"RHSA-2017:1161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1413","reference_id":"RHSA-2017:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1414","reference_id":"RHSA-2017:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1415","reference_id":"RHSA-2017:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1415"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582509?format=json","purl":"pkg:deb/debian/apache2@2.4.25-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2016-8740"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tkm7-pyue-7ffj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3771?format=json","vulnerability_id":"VCID-twj7-4qwm-2khv","summary":"The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7668.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7668.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7668","reference_id":"","reference_type":"","scores":[{"value":"0.66384","scoring_system":"epss","scoring_elements":"0.98519","published_at":"2026-04-01T12:55:00Z"},{"value":"0.66384","scoring_system":"epss","scoring_elements":"0.9853","published_at":"2026-04-13T12:55:00Z"},{"value":"0.66384","scoring_system":"epss","scoring_elements":"0.98527","published_at":"2026-04-08T12:55:00Z"},{"value":"0.66384","scoring_system":"epss","scoring_elements":"0.98529","published_at":"2026-04-09T12:55:00Z"},{"value":"0.66384","scoring_system":"epss","scoring_elements":"0.98521","published_at":"2026-04-02T12:55:00Z"},{"value":"0.66384","scoring_system":"epss","scoring_elements":"0.98523","published_at":"2026-04-04T12:55:00Z"},{"value":"0.66384","scoring_system":"epss","scoring_elements":"0.98524","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463205","reference_id":"1463205","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463205"},{"reference_url":"https://security.archlinux.org/ASA-201706-34","reference_id":"ASA-201706-34","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-34"},{"reference_url":"https://security.archlinux.org/AVG-316","reference_id":"AVG-316","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-316"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-7668.json","reference_id":"CVE-2017-7668","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-7668.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://usn.ubuntu.com/3340-1/","reference_id":"USN-3340-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3340-1/"},{"reference_url":"https://usn.ubuntu.com/3373-1/","reference_id":"USN-3373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584426?format=json","purl":"pkg:deb/debian/apache2@2.4.25-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2017-7668"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-twj7-4qwm-2khv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3706?format=json","vulnerability_id":"VCID-u3w6-ubg9-5qdb","summary":"An information disclosure flaw was found in mod_proxy_ajp in version 2.2.11 only. In certain situations, if a user sent a carefully crafted HTTP request, the server could return a response intended for another user.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1191.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1191.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1191","reference_id":"","reference_type":"","scores":[{"value":"0.11998","scoring_system":"epss","scoring_elements":"0.93773","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11998","scoring_system":"epss","scoring_elements":"0.93733","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11998","scoring_system":"epss","scoring_elements":"0.93743","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11998","scoring_system":"epss","scoring_elements":"0.93753","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11998","scoring_system":"epss","scoring_elements":"0.93756","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11998","scoring_system":"epss","scoring_elements":"0.93765","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11998","scoring_system":"epss","scoring_elements":"0.93768","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1191"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=496801","reference_id":"496801","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=496801"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-1191.json","reference_id":"CVE-2009-1191","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-1191.json"},{"reference_url":"https://security.gentoo.org/glsa/200907-04","reference_id":"GLSA-200907-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200907-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1058","reference_id":"RHSA-2009:1058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1058"},{"reference_url":"https://usn.ubuntu.com/787-1/","reference_id":"USN-787-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/787-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586032?format=json","purl":"pkg:deb/debian/apache2@2.2.11-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.11-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2009-1191"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u3w6-ubg9-5qdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88463?format=json","vulnerability_id":"VCID-ud2z-cz2h-6qbr","summary":"httpd: XSS via UTF-7 encoded urls on the 403 Forbidden error page","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2168.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2168.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2168","reference_id":"","reference_type":"","scores":[{"value":"0.50386","scoring_system":"epss","scoring_elements":"0.9782","published_at":"2026-04-01T12:55:00Z"},{"value":"0.50386","scoring_system":"epss","scoring_elements":"0.97826","published_at":"2026-04-02T12:55:00Z"},{"value":"0.50386","scoring_system":"epss","scoring_elements":"0.97827","published_at":"2026-04-04T12:55:00Z"},{"value":"0.50386","scoring_system":"epss","scoring_elements":"0.9783","published_at":"2026-04-07T12:55:00Z"},{"value":"0.50386","scoring_system":"epss","scoring_elements":"0.97834","published_at":"2026-04-08T12:55:00Z"},{"value":"0.50386","scoring_system":"epss","scoring_elements":"0.97838","published_at":"2026-04-09T12:55:00Z"},{"value":"0.50386","scoring_system":"epss","scoring_elements":"0.9784","published_at":"2026-04-11T12:55:00Z"},{"value":"0.50386","scoring_system":"epss","scoring_elements":"0.97842","published_at":"2026-04-12T12:55:00Z"},{"value":"0.50386","scoring_system":"epss","scoring_elements":"0.97843","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2168"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2168","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2168"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=446352","reference_id":"446352","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=446352"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/31759.txt","reference_id":"CVE-2008-2168;OSVDB-45420","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/31759.txt"},{"reference_url":"https://www.securityfocus.com/bid/29112/info","reference_id":"CVE-2008-2168;OSVDB-45420","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/29112/info"},{"reference_url":"https://usn.ubuntu.com/731-1/","reference_id":"USN-731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/731-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583259?format=json","purl":"pkg:deb/debian/apache2@2.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2008-2168"],"risk_score":1.0,"exploitability":"2.0","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ud2z-cz2h-6qbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3793?format=json","vulnerability_id":"VCID-ugdv-apr8-g3bz","summary":"In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0215.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0215.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0215","reference_id":"","reference_type":"","scores":[{"value":"0.07501","scoring_system":"epss","scoring_elements":"0.91756","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07501","scoring_system":"epss","scoring_elements":"0.91802","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07501","scoring_system":"epss","scoring_elements":"0.91778","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07501","scoring_system":"epss","scoring_elements":"0.91791","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07501","scoring_system":"epss","scoring_elements":"0.91798","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07501","scoring_system":"epss","scoring_elements":"0.91801","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07501","scoring_system":"epss","scoring_elements":"0.91764","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07501","scoring_system":"epss","scoring_elements":"0.91771","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0215","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0215"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/117bc3f09847ebf020b1bb70301ebcc105ddc446856150b63f37f8eb%40%3Cdev.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/2d6bd429a0ba9af1580da896575cfca6e42bb05e7536562d4b095fcf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/2d6bd429a0ba9af1580da896575cfca6e42bb05e7536562d4b095fcf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5b1e7d66c5adf286f14f6cc0f857b6fca107444f68aed9e70eedab47%40%3Cdev.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/bc1a6d4137798565ab02e60079b6788442147f4efeb4200c665bed5b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/bc1a6d4137798565ab02e60079b6788442147f4efeb4200c665bed5b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190423-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190423-0001/"},{"reference_url":"https://support.f5.com/csp/article/K59440504","reference_id":"","reference_type":"","scores":[],"url":"https://support.f5.com/csp/article/K59440504"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/04/02/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/04/02/4"},{"reference_url":"http://www.securityfocus.com/bid/107667","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107667"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695025","reference_id":"1695025","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695025"},{"reference_url":"https://security.archlinux.org/ASA-201904-3","reference_id":"ASA-201904-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-3"},{"reference_url":"https://security.archlinux.org/AVG-946","reference_id":"AVG-946","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-946"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.37:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.4.38:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-0215.json","reference_id":"CVE-2019-0215","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-0215.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-0215","reference_id":"CVE-2019-0215","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-0215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0980","reference_id":"RHSA-2019:0980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0980"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582611?format=json","purl":"pkg:deb/debian/apache2@2.4.38-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-0215"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ugdv-apr8-g3bz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3646?format=json","vulnerability_id":"VCID-uhsk-juy6-g7g9","summary":"In Apache 2.0.42 only, for a location where both WebDAV and CGI were enabled, a POST request to a CGI script would reveal the CGI source to a remote user.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1156","reference_id":"","reference_type":"","scores":[{"value":"0.26372","scoring_system":"epss","scoring_elements":"0.96314","published_at":"2026-04-13T12:55:00Z"},{"value":"0.26372","scoring_system":"epss","scoring_elements":"0.96275","published_at":"2026-04-01T12:55:00Z"},{"value":"0.26372","scoring_system":"epss","scoring_elements":"0.96283","published_at":"2026-04-02T12:55:00Z"},{"value":"0.26372","scoring_system":"epss","scoring_elements":"0.96291","published_at":"2026-04-04T12:55:00Z"},{"value":"0.26372","scoring_system":"epss","scoring_elements":"0.96295","published_at":"2026-04-07T12:55:00Z"},{"value":"0.26372","scoring_system":"epss","scoring_elements":"0.96304","published_at":"2026-04-08T12:55:00Z"},{"value":"0.26372","scoring_system":"epss","scoring_elements":"0.96307","published_at":"2026-04-09T12:55:00Z"},{"value":"0.26372","scoring_system":"epss","scoring_elements":"0.96311","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1156"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2002-1156.json","reference_id":"CVE-2002-1156","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2002-1156.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586673?format=json","purl":"pkg:deb/debian/apache2@2.0.43?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.43%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2002-1156"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uhsk-juy6-g7g9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3795?format=json","vulnerability_id":"VCID-uwqg-yytc-vfae","summary":"When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0220.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0220.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0220","reference_id":"","reference_type":"","scores":[{"value":"0.20275","scoring_system":"epss","scoring_elements":"0.95478","published_at":"2026-04-01T12:55:00Z"},{"value":"0.20275","scoring_system":"epss","scoring_elements":"0.95514","published_at":"2026-04-13T12:55:00Z"},{"value":"0.20275","scoring_system":"epss","scoring_elements":"0.95507","published_at":"2026-04-09T12:55:00Z"},{"value":"0.20275","scoring_system":"epss","scoring_elements":"0.95512","published_at":"2026-04-11T12:55:00Z"},{"value":"0.20275","scoring_system":"epss","scoring_elements":"0.95513","published_at":"2026-04-12T12:55:00Z"},{"value":"0.20275","scoring_system":"epss","scoring_elements":"0.95488","published_at":"2026-04-02T12:55:00Z"},{"value":"0.20275","scoring_system":"epss","scoring_elements":"0.95494","published_at":"2026-04-04T12:55:00Z"},{"value":"0.20275","scoring_system":"epss","scoring_elements":"0.95498","published_at":"2026-04-07T12:55:00Z"},{"value":"0.20275","scoring_system":"epss","scoring_elements":"0.95505","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0220"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695036","reference_id":"1695036","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695036"},{"reference_url":"https://security.archlinux.org/ASA-201904-3","reference_id":"ASA-201904-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-3"},{"reference_url":"https://security.archlinux.org/AVG-946","reference_id":"AVG-946","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-946"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-0220.json","reference_id":"CVE-2019-0220","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-0220.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2343","reference_id":"RHSA-2019:2343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3436","reference_id":"RHSA-2019:3436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4126","reference_id":"RHSA-2019:4126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0250","reference_id":"RHSA-2020:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0251","reference_id":"RHSA-2020:0251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0251"},{"reference_url":"https://usn.ubuntu.com/3937-1/","reference_id":"USN-3937-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3937-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582611?format=json","purl":"pkg:deb/debian/apache2@2.4.38-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-0220"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uwqg-yytc-vfae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3797?format=json","vulnerability_id":"VCID-v41h-pbbe-zfas","summary":"HTTP/2 very early pushes, for example configured with \"H2PushResource\", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10081.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10081.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10081","reference_id":"","reference_type":"","scores":[{"value":"0.28784","scoring_system":"epss","scoring_elements":"0.96516","published_at":"2026-04-01T12:55:00Z"},{"value":"0.28784","scoring_system":"epss","scoring_elements":"0.96549","published_at":"2026-04-13T12:55:00Z"},{"value":"0.28784","scoring_system":"epss","scoring_elements":"0.96544","published_at":"2026-04-09T12:55:00Z"},{"value":"0.28784","scoring_system":"epss","scoring_elements":"0.96546","published_at":"2026-04-12T12:55:00Z"},{"value":"0.28784","scoring_system":"epss","scoring_elements":"0.96525","published_at":"2026-04-02T12:55:00Z"},{"value":"0.28784","scoring_system":"epss","scoring_elements":"0.96529","published_at":"2026-04-04T12:55:00Z"},{"value":"0.28784","scoring_system":"epss","scoring_elements":"0.96533","published_at":"2026-04-07T12:55:00Z"},{"value":"0.28784","scoring_system":"epss","scoring_elements":"0.96542","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1743966","reference_id":"1743966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1743966"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-10081.json","reference_id":"CVE-2019-10081","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-10081.json"},{"reference_url":"https://security.gentoo.org/glsa/201909-04","reference_id":"GLSA-201909-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1336","reference_id":"RHSA-2020:1336","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1337","reference_id":"RHSA-2020:1337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4751","reference_id":"RHSA-2020:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4751"},{"reference_url":"https://usn.ubuntu.com/4113-1/","reference_id":"USN-4113-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4113-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585842?format=json","purl":"pkg:deb/debian/apache2@2.4.41-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.41-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-10081"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v41h-pbbe-zfas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3872?format=json","vulnerability_id":"VCID-varh-ysfr-euc8","summary":"mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid.\n\nThis issue affects Apache HTTP Server: from 2.4.7 through 2.4.65.\n\nUsers are recommended to upgrade to version 2.4.66, which fixes the issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66200.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66200.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-66200","reference_id":"","reference_type":"","scores":[{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17472","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17519","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21507","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21591","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21602","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21564","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21456","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21532","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-66200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66200","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66200"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926","reference_id":"1121926","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121926"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419262","reference_id":"2419262","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2419262"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2025-66200.json","reference_id":"CVE-2025-66200","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2025-66200.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23732","reference_id":"RHSA-2025:23732","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23732"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23919","reference_id":"RHSA-2025:23919","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23919"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23932","reference_id":"RHSA-2025:23932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2994","reference_id":"RHSA-2026:2994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2995","reference_id":"RHSA-2026:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2995"},{"reference_url":"https://usn.ubuntu.com/7968-1/","reference_id":"USN-7968-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7968-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583891?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583892?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583893?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2025-66200"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-varh-ysfr-euc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3684?format=json","vulnerability_id":"VCID-vqs2-5x99-7qfd","summary":"A flaw in the byterange filter would cause some responses to be buffered into memory. If a server has a dynamic resource such as a CGI script or PHP script which generates a large amount of data, an attacker could send carefully crafted requests in order to consume resources, potentially leading to a Denial of Service.","references":[{"reference_url":"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U","reference_id":"","reference_type":"","scores":[],"url":"ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"},{"reference_url":"http://issues.apache.org/bugzilla/show_bug.cgi?id=29962","reference_id":"","reference_type":"","scores":[],"url":"http://issues.apache.org/bugzilla/show_bug.cgi?id=29962"},{"reference_url":"http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2728.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2728.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2728","reference_id":"","reference_type":"","scores":[{"value":"0.61794","scoring_system":"epss","scoring_elements":"0.98338","published_at":"2026-04-13T12:55:00Z"},{"value":"0.61794","scoring_system":"epss","scoring_elements":"0.98334","published_at":"2026-04-09T12:55:00Z"},{"value":"0.61794","scoring_system":"epss","scoring_elements":"0.98337","published_at":"2026-04-11T12:55:00Z"},{"value":"0.61794","scoring_system":"epss","scoring_elements":"0.98322","published_at":"2026-04-01T12:55:00Z"},{"value":"0.61794","scoring_system":"epss","scoring_elements":"0.98324","published_at":"2026-04-02T12:55:00Z"},{"value":"0.61794","scoring_system":"epss","scoring_elements":"0.98326","published_at":"2026-04-04T12:55:00Z"},{"value":"0.61794","scoring_system":"epss","scoring_elements":"0.98329","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2728"},{"reference_url":"http://secunia.com/advisories/16559/","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16559/"},{"reference_url":"http://secunia.com/advisories/16705","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16705"},{"reference_url":"http://secunia.com/advisories/16714","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16714"},{"reference_url":"http://secunia.com/advisories/16743","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16743"},{"reference_url":"http://secunia.com/advisories/16746","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16746"},{"reference_url":"http://secunia.com/advisories/16753","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16753"},{"reference_url":"http://secunia.com/advisories/16754","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16754"},{"reference_url":"http://secunia.com/advisories/16769","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16769"},{"reference_url":"http://secunia.com/advisories/16789","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16789"},{"reference_url":"http://secunia.com/advisories/16956","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/16956"},{"reference_url":"http://secunia.com/advisories/17036","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17036"},{"reference_url":"http://secunia.com/advisories/17288","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17288"},{"reference_url":"http://secunia.com/advisories/17600","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17600"},{"reference_url":"http://secunia.com/advisories/17831","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17831"},{"reference_url":"http://secunia.com/advisories/17923","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17923"},{"reference_url":"http://secunia.com/advisories/18161","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18161"},{"reference_url":"http://secunia.com/advisories/18333","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18333"},{"reference_url":"http://secunia.com/advisories/18517","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/18517"},{"reference_url":"http://secunia.com/advisories/19072","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/19072"},{"reference_url":"http://securityreason.com/securityalert/604","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/604"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/22006","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/22006"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r652fc951306cdeca5a276e2021a34878a76695a9f3cfb6490b4a6840%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rafd145ba6cd0a4ced113a5823cdaff45aeb36eb09855b216401c66d6%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/reb542d2038e9c331506e0cbff881b47e40fbe2bd93ff00979e60cdf7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10017","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10017"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1246","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1246"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1727","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1727"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A760","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A760"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm","reference_id":"","reference_type":"","scores":[],"url":"http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"},{"reference_url":"http://www.debian.org/security/2005/dsa-805","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-805"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200508-15.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200508-15.xml"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:161","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2005:161"},{"reference_url":"http://www.novell.com/linux/security/advisories/2005_51_apache2.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2005_51_apache2.html"},{"reference_url":"http://www.novell.com/linux/security/advisories/2005_52_apache2.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2005_52_apache2.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2005-608.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2005-608.html"},{"reference_url":"http://www.securityfocus.com/archive/1/428138/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/428138/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/14660","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/14660"},{"reference_url":"http://www.ubuntu.com/usn/usn-177-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-177-1"},{"reference_url":"http://www.vupen.com/english/advisories/2006/0789","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2006/0789"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617753","reference_id":"1617753","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617753"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326435","reference_id":"326435","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326435"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.28:beta:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.35:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.36:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.37:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.38:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.39:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.40:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.41:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.42:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.43:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.44:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.45:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.46:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.47:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.48:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.49:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.50:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.51:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.52:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.53:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.0.9:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2005-2728.json","reference_id":"CVE-2005-2728","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2005-2728.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2728","reference_id":"CVE-2005-2728","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2728"},{"reference_url":"https://security.gentoo.org/glsa/200508-15","reference_id":"GLSA-200508-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200508-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:608","reference_id":"RHSA-2005:608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:608"},{"reference_url":"https://usn.ubuntu.com/177-1/","reference_id":"USN-177-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/177-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584122?format=json","purl":"pkg:deb/debian/apache2@2.0.54-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.54-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2005-2728"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vqs2-5x99-7qfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3658?format=json","vulnerability_id":"VCID-vud7-n4uk-2be8","summary":"In a server with multiple listening sockets a certain error returned by accept() on a rarely access port can cause a temporary denial of service, due to a bug in the prefork MPM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0253.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0253.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0253","reference_id":"","reference_type":"","scores":[{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91697","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91653","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91661","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91667","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91676","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91688","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91695","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91698","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.917","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0253","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0253"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617012","reference_id":"1617012","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617012"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2003-0253.json","reference_id":"CVE-2003-0253","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2003-0253.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:240","reference_id":"RHSA-2003:240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:240"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584275?format=json","purl":"pkg:deb/debian/apache2@2.0.47?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.47%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2003-0253"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vud7-n4uk-2be8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3655?format=json","vulnerability_id":"VCID-w18t-67us-kufe","summary":"A build system problem in Apache 2.0.40 through 2.0.45 allows remote attackers to cause a denial of access to authenticated content when a threaded server is used.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0189.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0189.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0189","reference_id":"","reference_type":"","scores":[{"value":"0.16257","scoring_system":"epss","scoring_elements":"0.94818","published_at":"2026-04-09T12:55:00Z"},{"value":"0.16257","scoring_system":"epss","scoring_elements":"0.9479","published_at":"2026-04-01T12:55:00Z"},{"value":"0.16257","scoring_system":"epss","scoring_elements":"0.94799","published_at":"2026-04-02T12:55:00Z"},{"value":"0.16257","scoring_system":"epss","scoring_elements":"0.94803","published_at":"2026-04-04T12:55:00Z"},{"value":"0.16257","scoring_system":"epss","scoring_elements":"0.94804","published_at":"2026-04-07T12:55:00Z"},{"value":"0.16257","scoring_system":"epss","scoring_elements":"0.94813","published_at":"2026-04-08T12:55:00Z"},{"value":"0.17927","scoring_system":"epss","scoring_elements":"0.95149","published_at":"2026-04-13T12:55:00Z"},{"value":"0.17927","scoring_system":"epss","scoring_elements":"0.95144","published_at":"2026-04-11T12:55:00Z"},{"value":"0.17927","scoring_system":"epss","scoring_elements":"0.95146","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0189"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0189","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0189"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616996","reference_id":"1616996","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616996"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2003-0189.json","reference_id":"CVE-2003-0189","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2003-0189.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:186","reference_id":"RHSA-2003:186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:186"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582374?format=json","purl":"pkg:deb/debian/apache2@2.0.46?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.46%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2003-0189"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w18t-67us-kufe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79930?format=json","vulnerability_id":"VCID-w2tb-2uvg-g7hv","summary":"httpd: Regression of CVE-2021-40438 and CVE-2021-26691 fixes in Red Hat Enterprise Linux 8.5","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20325.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20325.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20325","reference_id":"","reference_type":"","scores":[{"value":"0.00933","scoring_system":"epss","scoring_elements":"0.76069","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00933","scoring_system":"epss","scoring_elements":"0.76073","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00933","scoring_system":"epss","scoring_elements":"0.76105","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00933","scoring_system":"epss","scoring_elements":"0.76084","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00933","scoring_system":"epss","scoring_elements":"0.76118","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00933","scoring_system":"epss","scoring_elements":"0.76131","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00933","scoring_system":"epss","scoring_elements":"0.76156","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00933","scoring_system":"epss","scoring_elements":"0.76132","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00933","scoring_system":"epss","scoring_elements":"0.76129","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-20325"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2017321","reference_id":"2017321","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2017321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4537","reference_id":"RHSA-2021:4537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4537"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-20325"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w2tb-2uvg-g7hv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3794?format=json","vulnerability_id":"VCID-w6p6-u8ku-k3f6","summary":"In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0217.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0217","reference_id":"","reference_type":"","scores":[{"value":"0.43022","scoring_system":"epss","scoring_elements":"0.97464","published_at":"2026-04-01T12:55:00Z"},{"value":"0.43022","scoring_system":"epss","scoring_elements":"0.97488","published_at":"2026-04-13T12:55:00Z"},{"value":"0.43022","scoring_system":"epss","scoring_elements":"0.97475","published_at":"2026-04-07T12:55:00Z"},{"value":"0.43022","scoring_system":"epss","scoring_elements":"0.97481","published_at":"2026-04-08T12:55:00Z"},{"value":"0.43022","scoring_system":"epss","scoring_elements":"0.97482","published_at":"2026-04-09T12:55:00Z"},{"value":"0.43022","scoring_system":"epss","scoring_elements":"0.97485","published_at":"2026-04-11T12:55:00Z"},{"value":"0.43022","scoring_system":"epss","scoring_elements":"0.97487","published_at":"2026-04-12T12:55:00Z"},{"value":"0.43022","scoring_system":"epss","scoring_elements":"0.97471","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0220"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://httpd.apache.org/security/vulnerabilities_24.html","reference_id":"","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/vulnerabilities_24.html"},{"reference_url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/e0b8f6e858b1c8ec2ce8e291a2c543d438915037c7af661ab6d33808%40%3Cdev.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00008.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/5","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Apr/5"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190423-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190423-0001/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us"},{"reference_url":"https://www.debian.org/security/2019/dsa-4422","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4422"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/04/02/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/04/02/5"},{"reference_url":"http://www.securityfocus.com/bid/107668","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107668"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695020","reference_id":"1695020","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1695020"},{"reference_url":"https://security.archlinux.org/ASA-201904-3","reference_id":"ASA-201904-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-3"},{"reference_url":"https://security.archlinux.org/AVG-946","reference_id":"AVG-946","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-946"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-0217.json","reference_id":"CVE-2019-0217","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-0217.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-0217","reference_id":"CVE-2019-0217","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-0217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2343","reference_id":"RHSA-2019:2343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3436","reference_id":"RHSA-2019:3436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3932","reference_id":"RHSA-2019:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3933","reference_id":"RHSA-2019:3933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3935","reference_id":"RHSA-2019:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4126","reference_id":"RHSA-2019:4126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4126"},{"reference_url":"https://usn.ubuntu.com/3937-1/","reference_id":"USN-3937-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3937-1/"},{"reference_url":"https://usn.ubuntu.com/3937-2/","reference_id":"USN-3937-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3937-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582611?format=json","purl":"pkg:deb/debian/apache2@2.4.38-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.38-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-0217"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w6p6-u8ku-k3f6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/115345?format=json","vulnerability_id":"VCID-wg13-h6gt-r7h5","summary":"Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4110","reference_id":"","reference_type":"","scores":[{"value":"0.17318","scoring_system":"epss","scoring_elements":"0.9501","published_at":"2026-04-01T12:55:00Z"},{"value":"0.17318","scoring_system":"epss","scoring_elements":"0.95021","published_at":"2026-04-02T12:55:00Z"},{"value":"0.17318","scoring_system":"epss","scoring_elements":"0.95022","published_at":"2026-04-04T12:55:00Z"},{"value":"0.17318","scoring_system":"epss","scoring_elements":"0.95025","published_at":"2026-04-07T12:55:00Z"},{"value":"0.17318","scoring_system":"epss","scoring_elements":"0.95032","published_at":"2026-04-08T12:55:00Z"},{"value":"0.17318","scoring_system":"epss","scoring_elements":"0.95036","published_at":"2026-04-09T12:55:00Z"},{"value":"0.17318","scoring_system":"epss","scoring_elements":"0.95042","published_at":"2026-04-11T12:55:00Z"},{"value":"0.17318","scoring_system":"epss","scoring_elements":"0.95043","published_at":"2026-04-12T12:55:00Z"},{"value":"0.17318","scoring_system":"epss","scoring_elements":"0.95046","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4110"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/28365.txt","reference_id":"CVE-2006-4110;OSVDB-27913","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/28365.txt"},{"reference_url":"https://www.securityfocus.com/bid/19447/info","reference_id":"CVE-2006-4110;OSVDB-27913","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/19447/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2006-4110"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wg13-h6gt-r7h5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3807?format=json","vulnerability_id":"VCID-wgte-97r1-j7a9","summary":"For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11985.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11985.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11985","reference_id":"","reference_type":"","scores":[{"value":"0.15318","scoring_system":"epss","scoring_elements":"0.94596","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15318","scoring_system":"epss","scoring_elements":"0.94633","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15318","scoring_system":"epss","scoring_elements":"0.94626","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15318","scoring_system":"epss","scoring_elements":"0.9463","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15318","scoring_system":"epss","scoring_elements":"0.94603","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15318","scoring_system":"epss","scoring_elements":"0.9461","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15318","scoring_system":"epss","scoring_elements":"0.94611","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15318","scoring_system":"epss","scoring_elements":"0.94621","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11985"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1866559","reference_id":"1866559","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1866559"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2020-11985.json","reference_id":"CVE-2020-11985","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2020-11985.json"},{"reference_url":"https://security.gentoo.org/glsa/202008-04","reference_id":"GLSA-202008-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1161","reference_id":"RHSA-2017:1161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1161"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582509?format=json","purl":"pkg:deb/debian/apache2@2.4.25-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2020-11985"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wgte-97r1-j7a9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3819?format=json","vulnerability_id":"VCID-wrw6-uzz4-rkfb","summary":"ap_escape_quotes() may write beyond the end of a buffer when given malicious input.  \nNo included modules pass untrusted data to these functions, but third-party / external modules may.\n\nThis issue affects Apache HTTP Server 2.4.48 and earlier.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39275.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39275.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-39275","reference_id":"","reference_type":"","scores":[{"value":"0.37674","scoring_system":"epss","scoring_elements":"0.97171","published_at":"2026-04-01T12:55:00Z"},{"value":"0.37674","scoring_system":"epss","scoring_elements":"0.97199","published_at":"2026-04-13T12:55:00Z"},{"value":"0.37674","scoring_system":"epss","scoring_elements":"0.97193","published_at":"2026-04-08T12:55:00Z"},{"value":"0.37674","scoring_system":"epss","scoring_elements":"0.97194","published_at":"2026-04-09T12:55:00Z"},{"value":"0.37674","scoring_system":"epss","scoring_elements":"0.97198","published_at":"2026-04-11T12:55:00Z"},{"value":"0.37674","scoring_system":"epss","scoring_elements":"0.97177","published_at":"2026-04-02T12:55:00Z"},{"value":"0.37674","scoring_system":"epss","scoring_elements":"0.97183","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-39275"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2005119","reference_id":"2005119","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2005119"},{"reference_url":"https://security.archlinux.org/AVG-2289","reference_id":"AVG-2289","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2289"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-39275.json","reference_id":"CVE-2021-39275","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-39275.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0143","reference_id":"RHSA-2022:0143","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0143"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0891","reference_id":"RHSA-2022:0891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7143","reference_id":"RHSA-2022:7143","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7143"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7144","reference_id":"RHSA-2022:7144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7144"},{"reference_url":"https://usn.ubuntu.com/5090-1/","reference_id":"USN-5090-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5090-1/"},{"reference_url":"https://usn.ubuntu.com/5090-2/","reference_id":"USN-5090-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5090-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584440?format=json","purl":"pkg:deb/debian/apache2@2.4.49-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.49-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584441?format=json","purl":"pkg:deb/debian/apache2@2.4.51-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.51-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-39275"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wrw6-uzz4-rkfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3770?format=json","vulnerability_id":"VCID-wshe-gf99-tbg6","summary":"A maliciously constructed HTTP/2 request could cause mod_http2 to dereference a NULL pointer and crash the server process.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7659.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7659.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7659","reference_id":"","reference_type":"","scores":[{"value":"0.38383","scoring_system":"epss","scoring_elements":"0.97208","published_at":"2026-04-01T12:55:00Z"},{"value":"0.38383","scoring_system":"epss","scoring_elements":"0.97235","published_at":"2026-04-13T12:55:00Z"},{"value":"0.38383","scoring_system":"epss","scoring_elements":"0.9722","published_at":"2026-04-07T12:55:00Z"},{"value":"0.38383","scoring_system":"epss","scoring_elements":"0.9723","published_at":"2026-04-08T12:55:00Z"},{"value":"0.38383","scoring_system":"epss","scoring_elements":"0.97231","published_at":"2026-04-09T12:55:00Z"},{"value":"0.38383","scoring_system":"epss","scoring_elements":"0.97234","published_at":"2026-04-11T12:55:00Z"},{"value":"0.38383","scoring_system":"epss","scoring_elements":"0.97213","published_at":"2026-04-02T12:55:00Z"},{"value":"0.38383","scoring_system":"epss","scoring_elements":"0.97219","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7659","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7659"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463199","reference_id":"1463199","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463199"},{"reference_url":"https://security.archlinux.org/ASA-201706-34","reference_id":"ASA-201706-34","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-34"},{"reference_url":"https://security.archlinux.org/AVG-316","reference_id":"AVG-316","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-316"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-7659.json","reference_id":"CVE-2017-7659","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-7659.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584426?format=json","purl":"pkg:deb/debian/apache2@2.4.25-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.25-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2017-7659"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wshe-gf99-tbg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3860?format=json","vulnerability_id":"VCID-ww49-y35r-ykdd","summary":"SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker.  Requires an unlikely configuration where mod_headers is configured to modify the Content-Type request or response header with a value provided in the HTTP request.\n\nUsers are recommended to upgrade to version 2.4.64 which fixes this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43204.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-43204.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43204","reference_id":"","reference_type":"","scores":[{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45583","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00228","scoring_system":"epss","scoring_elements":"0.45605","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46255","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.4625","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46273","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46245","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46192","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46248","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-43204"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43204","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43204"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374553","reference_id":"2374553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374553"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-43204.json","reference_id":"CVE-2024-43204","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-43204.json"},{"reference_url":"https://usn.ubuntu.com/7639-1/","reference_id":"USN-7639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-1/"},{"reference_url":"https://usn.ubuntu.com/7639-2/","reference_id":"USN-7639-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584089?format=json","purl":"pkg:deb/debian/apache2@2.4.64-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.64-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584090?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584091?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-43204"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ww49-y35r-ykdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3721?format=json","vulnerability_id":"VCID-wycq-jwzz-q7hf","summary":"A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headers_in array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as mod_headers which may manipulate the input headers for a subrequest would poison the parent request in two ways, one by modifying the parent request, which might not be intended, and second by leaving pointers to modified header fields in memory allocated to the subrequest scope, which could be freed before the main request processing was finished, resulting in a segfault or in revealing data from another request on threaded servers, such as the worker or winnt MPMs.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0434","reference_id":"","reference_type":"","scores":[{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85501","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85428","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.8544","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.8546","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85463","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85484","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85492","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85506","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02554","scoring_system":"epss","scoring_elements":"0.85504","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=570171","reference_id":"570171","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=570171"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-0434.json","reference_id":"CVE-2010-0434","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-0434.json"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0168","reference_id":"RHSA-2010:0168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0175","reference_id":"RHSA-2010:0175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0396","reference_id":"RHSA-2010:0396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0396"},{"reference_url":"https://usn.ubuntu.com/908-1/","reference_id":"USN-908-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/908-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585966?format=json","purl":"pkg:deb/debian/apache2@2.2.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2010-0434"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wycq-jwzz-q7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87226?format=json","vulnerability_id":"VCID-xa3c-7qgs-5bgf","summary":"httpd: http 0.9 request bypass of the reverse proxy vulnerability CVE-2011-3368 fix","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3639.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3639.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3639","reference_id":"","reference_type":"","scores":[{"value":"0.08615","scoring_system":"epss","scoring_elements":"0.92392","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08615","scoring_system":"epss","scoring_elements":"0.92399","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08615","scoring_system":"epss","scoring_elements":"0.92407","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08615","scoring_system":"epss","scoring_elements":"0.9241","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08615","scoring_system":"epss","scoring_elements":"0.92422","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08615","scoring_system":"epss","scoring_elements":"0.92427","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08615","scoring_system":"epss","scoring_elements":"0.92433","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08615","scoring_system":"epss","scoring_elements":"0.92435","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3639"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3639","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3639"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=752080","reference_id":"752080","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=752080"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36663.txt","reference_id":"CVE-2011-3639;OSVDB-77444","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36663.txt"},{"reference_url":"https://www.securityfocus.com/bid/51869/info","reference_id":"CVE-2011-3639;OSVDB-77444","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/51869/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0323","reference_id":"RHSA-2012:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0323"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585158?format=json","purl":"pkg:deb/debian/apache2@2.2.18-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2011-3639"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xa3c-7qgs-5bgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3828?format=json","vulnerability_id":"VCID-xfm9-e5nr-wyat","summary":"If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes.\n\nThis issue affects Apache HTTP Server 2.4.52 and earlier.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22721.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22721.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22721","reference_id":"","reference_type":"","scores":[{"value":"0.13159","scoring_system":"epss","scoring_elements":"0.94126","published_at":"2026-04-11T12:55:00Z"},{"value":"0.13159","scoring_system":"epss","scoring_elements":"0.94121","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13159","scoring_system":"epss","scoring_elements":"0.94104","published_at":"2026-04-04T12:55:00Z"},{"value":"0.13159","scoring_system":"epss","scoring_elements":"0.94108","published_at":"2026-04-07T12:55:00Z"},{"value":"0.13159","scoring_system":"epss","scoring_elements":"0.94117","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13159","scoring_system":"epss","scoring_elements":"0.94093","published_at":"2026-04-02T12:55:00Z"},{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.94143","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22721"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064320","reference_id":"2064320","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064320"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2022-22721.json","reference_id":"CVE-2022-22721","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2022-22721.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6753","reference_id":"RHSA-2022:6753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7647","reference_id":"RHSA-2022:7647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8067","reference_id":"RHSA-2022:8067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8840","reference_id":"RHSA-2022:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://usn.ubuntu.com/5333-1/","reference_id":"USN-5333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5333-1/"},{"reference_url":"https://usn.ubuntu.com/5333-2/","reference_id":"USN-5333-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5333-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583022?format=json","purl":"pkg:deb/debian/apache2@2.4.53-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.53-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583023?format=json","purl":"pkg:deb/debian/apache2@2.4.53-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.53-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2022-22721"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xfm9-e5nr-wyat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3867?format=json","vulnerability_id":"VCID-xhtj-rr3y-puc7","summary":"A bug in Apache HTTP Server 2.4.64 results in all \"RewriteCond expr ...\" tests evaluating as \"true\".\n\n\n\nUsers are recommended to upgrade to version 2.4.65, which fixes the issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54090.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54090.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54090","reference_id":"","reference_type":"","scores":[{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52432","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52424","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.5246","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54431","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54409","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54405","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.544","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54448","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54090"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383014","reference_id":"2383014","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383014"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2025-54090.json","reference_id":"CVE-2025-54090","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2025-54090.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582525?format=json","purl":"pkg:deb/debian/apache2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585548?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2025-54090"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xhtj-rr3y-puc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3843?format=json","vulnerability_id":"VCID-xhyc-9rpu-2bc8","summary":"Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses.\n\nThis issue affects Apache HTTP Server: through 2.4.58.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38709.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38709.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38709","reference_id":"","reference_type":"","scores":[{"value":"0.03255","scoring_system":"epss","scoring_elements":"0.87129","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03255","scoring_system":"epss","scoring_elements":"0.8714","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03255","scoring_system":"epss","scoring_elements":"0.87134","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03342","scoring_system":"epss","scoring_elements":"0.87294","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03342","scoring_system":"epss","scoring_elements":"0.87277","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03342","scoring_system":"epss","scoring_elements":"0.87261","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03342","scoring_system":"epss","scoring_elements":"0.87275","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03342","scoring_system":"epss","scoring_elements":"0.87302","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38709"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412","reference_id":"1068412","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068412"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Jul/18","reference_id":"18","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Jul/18"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273491","reference_id":"2273491","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2273491"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/04/04/3","reference_id":"3","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/04/04/3"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2023-38709.json","reference_id":"CVE-2023-38709","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2023-38709.json"},{"reference_url":"https://security.gentoo.org/glsa/202409-31","reference_id":"GLSA-202409-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-31"},{"reference_url":"https://support.apple.com/kb/HT214119","reference_id":"HT214119","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/"}],"url":"https://support.apple.com/kb/HT214119"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/","reference_id":"I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I2N2NZEX3MR64IWSGL3QGN7KSRUGAEMF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/","reference_id":"LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX5U34KYGDYPRH3AJ6MDDCBJDWDPXNVJ/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html","reference_id":"msg00013.html","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00013.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240415-0013/","reference_id":"ntap-20240415-0013","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240415-0013/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4197","reference_id":"RHSA-2024:4197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6927","reference_id":"RHSA-2024:6927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6928","reference_id":"RHSA-2024:6928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9306","reference_id":"RHSA-2024:9306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9306"},{"reference_url":"https://usn.ubuntu.com/6729-1/","reference_id":"USN-6729-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6729-1/"},{"reference_url":"https://usn.ubuntu.com/6729-2/","reference_id":"USN-6729-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6729-2/"},{"reference_url":"https://usn.ubuntu.com/6729-3/","reference_id":"USN-6729-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6729-3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/","reference_id":"WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-05T13:57:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNV4SZAPVS43DZWNFU7XBYYOZEZMI4ZC/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582458?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582459?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582460?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2023-38709"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xhyc-9rpu-2bc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3844?format=json","vulnerability_id":"VCID-xnfs-bpwj-3ycp","summary":"An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known \"slow loris\" attack pattern.\nThis has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.\n\nThis issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.\n\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43622.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43622.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-43622","reference_id":"","reference_type":"","scores":[{"value":"0.59064","scoring_system":"epss","scoring_elements":"0.98216","published_at":"2026-04-02T12:55:00Z"},{"value":"0.61258","scoring_system":"epss","scoring_elements":"0.98318","published_at":"2026-04-13T12:55:00Z"},{"value":"0.61258","scoring_system":"epss","scoring_elements":"0.98307","published_at":"2026-04-04T12:55:00Z"},{"value":"0.61258","scoring_system":"epss","scoring_elements":"0.98309","published_at":"2026-04-07T12:55:00Z"},{"value":"0.61258","scoring_system":"epss","scoring_elements":"0.98314","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-43622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38709"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27316"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245153","reference_id":"2245153","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245153"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2023-43622.json","reference_id":"CVE-2023-43622","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2023-43622.json"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231027-0011/","reference_id":"ntap-20231027-0011","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T16:02:28Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231027-0011/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2368","reference_id":"RHSA-2024:2368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2368"},{"reference_url":"https://usn.ubuntu.com/6506-1/","reference_id":"USN-6506-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6506-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582675?format=json","purl":"pkg:deb/debian/apache2@2.4.58-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.58-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582458?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582459?format=json","purl":"pkg:deb/debian/apache2@2.4.59-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.59-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2023-43622"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xnfs-bpwj-3ycp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3825?format=json","vulnerability_id":"VCID-xwnu-h1xh-3bg6","summary":"A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts).\nThe Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one.\n\nThis issue affects Apache HTTP Server 2.4.51 and earlier.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44790.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44790.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44790","reference_id":"","reference_type":"","scores":[{"value":"0.86011","scoring_system":"epss","scoring_elements":"0.99393","published_at":"2026-04-13T12:55:00Z"},{"value":"0.87092","scoring_system":"epss","scoring_elements":"0.99437","published_at":"2026-04-02T12:55:00Z"},{"value":"0.87092","scoring_system":"epss","scoring_elements":"0.99438","published_at":"2026-04-01T12:55:00Z"},{"value":"0.87092","scoring_system":"epss","scoring_elements":"0.99439","published_at":"2026-04-07T12:55:00Z"},{"value":"0.87092","scoring_system":"epss","scoring_elements":"0.99441","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2034674","reference_id":"2034674","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2034674"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/51193.py","reference_id":"CVE-2021-44790","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/51193.py"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2021-44790.json","reference_id":"CVE-2021-44790","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2021-44790.json"},{"reference_url":"https://security.gentoo.org/glsa/202208-20","reference_id":"GLSA-202208-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0143","reference_id":"RHSA-2022:0143","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0143"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0258","reference_id":"RHSA-2022:0258","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0288","reference_id":"RHSA-2022:0288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0303","reference_id":"RHSA-2022:0303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1136","reference_id":"RHSA-2022:1136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1137","reference_id":"RHSA-2022:1137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1138","reference_id":"RHSA-2022:1138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1139","reference_id":"RHSA-2022:1139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1139"},{"reference_url":"https://usn.ubuntu.com/5212-1/","reference_id":"USN-5212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5212-1/"},{"reference_url":"https://usn.ubuntu.com/5212-2/","reference_id":"USN-5212-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5212-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583700?format=json","purl":"pkg:deb/debian/apache2@2.4.52-1~deb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.52-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583701?format=json","purl":"pkg:deb/debian/apache2@2.4.52-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.52-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2021-44790"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xwnu-h1xh-3bg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3796?format=json","vulnerability_id":"VCID-y3k1-c4rn-xbc2","summary":"A malicious client could perform a DoS attack by flooding a connection with requests and basically never reading responses on the TCP connection. Depending on h2 worker dimensioning, it was possible to block those with relatively few connections.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9517.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9517.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9517","reference_id":"","reference_type":"","scores":[{"value":"0.04564","scoring_system":"epss","scoring_elements":"0.89159","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04564","scoring_system":"epss","scoring_elements":"0.89153","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05964","scoring_system":"epss","scoring_elements":"0.90652","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05964","scoring_system":"epss","scoring_elements":"0.90648","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05964","scoring_system":"epss","scoring_elements":"0.90657","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05964","scoring_system":"epss","scoring_elements":"0.90624","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05964","scoring_system":"epss","scoring_elements":"0.90631","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05964","scoring_system":"epss","scoring_elements":"0.90643","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10082"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10098"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9517"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1741868","reference_id":"1741868","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1741868"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2019-9517.json","reference_id":"CVE-2019-9517","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2019-9517.json"},{"reference_url":"https://security.gentoo.org/glsa/201909-04","reference_id":"GLSA-201909-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2893","reference_id":"RHSA-2019:2893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2893"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2946","reference_id":"RHSA-2019:2946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2949","reference_id":"RHSA-2019:2949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2950","reference_id":"RHSA-2019:2950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3932","reference_id":"RHSA-2019:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3933","reference_id":"RHSA-2019:3933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3935","reference_id":"RHSA-2019:3935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0922","reference_id":"RHSA-2020:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0983","reference_id":"RHSA-2020:0983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1445","reference_id":"RHSA-2020:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1445"},{"reference_url":"https://usn.ubuntu.com/4113-1/","reference_id":"USN-4113-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4113-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585842?format=json","purl":"pkg:deb/debian/apache2@2.4.41-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.41-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2019-9517"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y3k1-c4rn-xbc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3667?format=json","vulnerability_id":"VCID-y56e-kuj4-97f6","summary":"A buffer overflow in the mod_ssl FakeBasicAuth code could be exploited by an attacker using a (trusted) client certificate with a subject DN field which exceeds 6K in length.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0488.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0488.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0488","reference_id":"","reference_type":"","scores":[{"value":"0.62663","scoring_system":"epss","scoring_elements":"0.9838","published_at":"2026-04-12T12:55:00Z"},{"value":"0.62663","scoring_system":"epss","scoring_elements":"0.98362","published_at":"2026-04-01T12:55:00Z"},{"value":"0.62663","scoring_system":"epss","scoring_elements":"0.98365","published_at":"2026-04-02T12:55:00Z"},{"value":"0.62663","scoring_system":"epss","scoring_elements":"0.98367","published_at":"2026-04-04T12:55:00Z"},{"value":"0.62663","scoring_system":"epss","scoring_elements":"0.98371","published_at":"2026-04-07T12:55:00Z"},{"value":"0.62663","scoring_system":"epss","scoring_elements":"0.98375","published_at":"2026-04-08T12:55:00Z"},{"value":"0.62663","scoring_system":"epss","scoring_elements":"0.98376","published_at":"2026-04-09T12:55:00Z"},{"value":"0.62663","scoring_system":"epss","scoring_elements":"0.98379","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0488"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0488","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0488"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430867","reference_id":"430867","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430867"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2004-0488.json","reference_id":"CVE-2004-0488","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2004-0488.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:245","reference_id":"RHSA-2004:245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:342","reference_id":"RHSA-2004:342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:405","reference_id":"RHSA-2004:405","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:405"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:816","reference_id":"RHSA-2005:816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0523","reference_id":"RHSA-2008:0523","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0523"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585373?format=json","purl":"pkg:deb/debian/apache2@2.0.50-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.50-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2004-0488"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y56e-kuj4-97f6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3723?format=json","vulnerability_id":"VCID-y8nd-7h3r-7fh5","summary":"A flaw was found in the apr_brigade_split_line() function of the bundled APR-util library, used to process non-SSL requests. A remote attacker could send requests, carefully crafting the timing of individual bytes, which would slowly consume memory, potentially leading to a denial of service.","references":[{"reference_url":"http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak","reference_id":"","reference_type":"","scores":[],"url":"http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049885.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049885.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049939.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049939.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=130168502603566&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=130168502603566&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1623","reference_id":"","reference_type":"","scores":[{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.96721","published_at":"2026-04-09T12:55:00Z"},{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.96696","published_at":"2026-04-01T12:55:00Z"},{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.96724","published_at":"2026-04-11T12:55:00Z"},{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.96706","published_at":"2026-04-02T12:55:00Z"},{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.96708","published_at":"2026-04-04T12:55:00Z"},{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.96712","published_at":"2026-04-07T12:55:00Z"},{"value":"0.30774","scoring_system":"epss","scoring_elements":"0.9672","published_at":"2026-04-08T12:55:00Z"},{"value":"0.32649","scoring_system":"epss","scoring_elements":"0.96867","published_at":"2026-04-13T12:55:00Z"},{"value":"0.32649","scoring_system":"epss","scoring_elements":"0.96866","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623"},{"reference_url":"http://secunia.com/advisories/41701","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/41701"},{"reference_url":"http://secunia.com/advisories/42015","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42015"},{"reference_url":"http://secunia.com/advisories/42361","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42361"},{"reference_url":"http://secunia.com/advisories/42367","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42367"},{"reference_url":"http://secunia.com/advisories/42403","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42403"},{"reference_url":"http://secunia.com/advisories/42537","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42537"},{"reference_url":"http://secunia.com/advisories/43211","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43211"},{"reference_url":"http://secunia.com/advisories/43285","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43285"},{"reference_url":"http://security-tracker.debian.org/tracker/CVE-2010-1623","reference_id":"","reference_type":"","scores":[],"url":"http://security-tracker.debian.org/tracker/CVE-2010-1623"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.627828","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.627828"},{"reference_url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rad2acee3ab838b52c04a0698b1728a9a43467bf365bd481c993c535d%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12800","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12800"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1003492","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1003492"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1003493","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1003493"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1003494","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1003494"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1003495","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1003495"},{"reference_url":"http://svn.apache.org/viewvc?view=revision&revision=1003626","reference_id":"","reference_type":"","scores":[],"url":"http://svn.apache.org/viewvc?view=revision&revision=1003626"},{"reference_url":"http://ubuntu.com/usn/usn-1021-1","reference_id":"","reference_type":"","scores":[],"url":"http://ubuntu.com/usn/usn-1021-1"},{"reference_url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM31601","reference_id":"","reference_type":"","scores":[],"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PM31601"},{"reference_url":"http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3","reference_id":"","reference_type":"","scores":[],"url":"http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:192","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:192"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0950.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2010-0950.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0896.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0897.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0897.html"},{"reference_url":"http://www.securityfocus.com/bid/43673","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/43673"},{"reference_url":"http://www.ubuntu.com/usn/USN-1022-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1022-1"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2556","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/2556"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2557","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/2557"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2806","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/2806"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3064","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3064"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3065","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3065"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3074","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3074"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0358","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0358"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=640281","reference_id":"640281","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=640281"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:0.9.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:0.9.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:apr-util:1.3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2010-1623.json","reference_id":"CVE-2010-1623","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2010-1623.json"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1623","reference_id":"CVE-2010-1623","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1623"},{"reference_url":"https://security.gentoo.org/glsa/201405-24","reference_id":"GLSA-201405-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0950","reference_id":"RHSA-2010:0950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0950"},{"reference_url":"https://usn.ubuntu.com/1021-1/","reference_id":"USN-1021-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1021-1/"},{"reference_url":"https://usn.ubuntu.com/1022-1/","reference_id":"USN-1022-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1022-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584988?format=json","purl":"pkg:deb/debian/apache2@2.2.16-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.16-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2010-1623"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y8nd-7h3r-7fh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3661?format=json","vulnerability_id":"VCID-yjqs-kszf-yka1","summary":"By using a regular expression with more than 9 captures a buffer overflow can occur in mod_alias or mod_rewrite. To exploit this an attacker would need to be able to create a carefully crafted configuration file (.htaccess or httpd.conf)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0542.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0542.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0542","reference_id":"","reference_type":"","scores":[{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66912","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66838","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66876","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66902","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66875","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66924","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66937","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66957","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00523","scoring_system":"epss","scoring_elements":"0.66943","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0542"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617048","reference_id":"1617048","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617048"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2003-0542.json","reference_id":"CVE-2003-0542","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2003-0542.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:320","reference_id":"RHSA-2003:320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:360","reference_id":"RHSA-2003:360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:405","reference_id":"RHSA-2003:405","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:405"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:015","reference_id":"RHSA-2004:015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:139","reference_id":"RHSA-2004:139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:816","reference_id":"RHSA-2005:816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:816"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586439?format=json","purl":"pkg:deb/debian/apache2@2.0.48?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.48%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2003-0542"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yjqs-kszf-yka1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3733?format=json","vulnerability_id":"VCID-ym93-sxb8-fkdm","summary":"A flaw was found in the handling of the scoreboard. An unprivileged child process could cause the parent process to crash at shutdown rather than terminate cleanly.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0031","reference_id":"","reference_type":"","scores":[{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78884","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78837","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78843","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78872","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78854","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78879","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78886","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78909","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01196","scoring_system":"epss","scoring_elements":"0.78893","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=773744","reference_id":"773744","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=773744"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt","reference_id":"CVE-2012-0031","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-0031.json","reference_id":"CVE-2012-0031","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-0031.json"},{"reference_url":"http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/","reference_id":"CVE-2012-0031","reference_type":"exploit","scores":[],"url":"http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0323","reference_id":"RHSA-2012:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584769?format=json","purl":"pkg:deb/debian/apache2@2.2.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2012-0031"],"risk_score":4.2,"exploitability":"2.0","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ym93-sxb8-fkdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87223?format=json","vulnerability_id":"VCID-yq3t-swp5-abch","summary":"httpd: SetEnvIf resource exhaustion","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4415.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4415.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4415","reference_id":"","reference_type":"","scores":[{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.63702","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.63763","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.63789","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.63746","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.63797","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.63815","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.63828","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.63814","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00453","scoring_system":"epss","scoring_elements":"0.63781","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4415"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4415","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4415"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=750935","reference_id":"750935","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=750935"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586778?format=json","purl":"pkg:deb/debian/apache2@2.4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2011-4415"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yq3t-swp5-abch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3808?format=json","vulnerability_id":"VCID-yz3c-arnr-y3cs","summary":"In Apache HTTP Server versions 2.4.20 to 2.4.43, when trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools.\nConfiguring the LogLevel of mod_http2 above \"info\" will mitigate this vulnerability for unpatched servers.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11993.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11993.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11993","reference_id":"","reference_type":"","scores":[{"value":"0.33361","scoring_system":"epss","scoring_elements":"0.96887","published_at":"2026-04-01T12:55:00Z"},{"value":"0.33361","scoring_system":"epss","scoring_elements":"0.96919","published_at":"2026-04-13T12:55:00Z"},{"value":"0.33361","scoring_system":"epss","scoring_elements":"0.96916","published_at":"2026-04-11T12:55:00Z"},{"value":"0.33361","scoring_system":"epss","scoring_elements":"0.96918","published_at":"2026-04-12T12:55:00Z"},{"value":"0.33361","scoring_system":"epss","scoring_elements":"0.96894","published_at":"2026-04-02T12:55:00Z"},{"value":"0.33361","scoring_system":"epss","scoring_elements":"0.96899","published_at":"2026-04-04T12:55:00Z"},{"value":"0.33361","scoring_system":"epss","scoring_elements":"0.96904","published_at":"2026-04-07T12:55:00Z"},{"value":"0.33361","scoring_system":"epss","scoring_elements":"0.96912","published_at":"2026-04-08T12:55:00Z"},{"value":"0.33361","scoring_system":"epss","scoring_elements":"0.96914","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11984"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9490"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1866564","reference_id":"1866564","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1866564"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2020-11993.json","reference_id":"CVE-2020-11993","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2020-11993.json"},{"reference_url":"https://security.gentoo.org/glsa/202008-04","reference_id":"GLSA-202008-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4383","reference_id":"RHSA-2020:4383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4384","reference_id":"RHSA-2020:4384","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4384"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1809","reference_id":"RHSA-2021:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1809"},{"reference_url":"https://usn.ubuntu.com/4458-1/","reference_id":"USN-4458-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4458-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585940?format=json","purl":"pkg:deb/debian/apache2@2.4.46-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.46-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2020-11993"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yz3c-arnr-y3cs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3659?format=json","vulnerability_id":"VCID-za9f-j42y-ukdp","summary":"When a client requests that proxy ftp connect to a ftp server with IPv6 address, and the proxy is unable to create an IPv6 socket, an infinite loop occurs causing a remote Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0254.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0254.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0254","reference_id":"","reference_type":"","scores":[{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91697","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91653","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91661","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91667","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91676","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91688","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91695","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.91698","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0733","scoring_system":"epss","scoring_elements":"0.917","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0254"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0254","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0254"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617013","reference_id":"1617013","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617013"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2003-0254.json","reference_id":"CVE-2003-0254","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2003-0254.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:240","reference_id":"RHSA-2003:240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:240"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584275?format=json","purl":"pkg:deb/debian/apache2@2.0.47?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.0.47%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2003-0254"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-za9f-j42y-ukdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3776?format=json","vulnerability_id":"VCID-zc2p-sfu7-jkhc","summary":"mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset conversion table, a fallback mechanism is used to truncate it to a two characters value to allow a quick retry (for example, 'en-US' is truncated to 'en'). A header value of less than two characters forces an out of bound write of one NUL byte to a memory location that is not part of the string. In the worst case, quite unlikely, the process would crash which could be used as a Denial of Service attack. In the more likely case, this memory is already reserved for future use and the issue has no effect at all.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15710.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15710.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15710","reference_id":"","reference_type":"","scores":[{"value":"0.08002","scoring_system":"epss","scoring_elements":"0.92065","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08002","scoring_system":"epss","scoring_elements":"0.92105","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08002","scoring_system":"epss","scoring_elements":"0.92097","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08002","scoring_system":"epss","scoring_elements":"0.921","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08002","scoring_system":"epss","scoring_elements":"0.92104","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08002","scoring_system":"epss","scoring_elements":"0.92072","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08002","scoring_system":"epss","scoring_elements":"0.9208","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08002","scoring_system":"epss","scoring_elements":"0.92085","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15715"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1312"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560599","reference_id":"1560599","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560599"},{"reference_url":"https://security.archlinux.org/ASA-201804-4","reference_id":"ASA-201804-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201804-4"},{"reference_url":"https://security.archlinux.org/AVG-664","reference_id":"AVG-664","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-664"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-15710.json","reference_id":"CVE-2017-15710","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-15710.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0366","reference_id":"RHSA-2019:0366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0367","reference_id":"RHSA-2019:0367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1121","reference_id":"RHSA-2020:1121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1121"},{"reference_url":"https://usn.ubuntu.com/3627-1/","reference_id":"USN-3627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3627-1/"},{"reference_url":"https://usn.ubuntu.com/3627-2/","reference_id":"USN-3627-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3627-2/"},{"reference_url":"https://usn.ubuntu.com/3937-2/","reference_id":"USN-3937-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3937-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584735?format=json","purl":"pkg:deb/debian/apache2@2.4.33-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.33-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2017-15710"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zc2p-sfu7-jkhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3714?format=json","vulnerability_id":"VCID-zkbr-1m2z-ufe7","summary":"A NULL pointer dereference flaw was found in the mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3094","reference_id":"","reference_type":"","scores":[{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86183","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86118","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86128","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86144","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86163","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86175","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86189","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02833","scoring_system":"epss","scoring_elements":"0.86187","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=521619","reference_id":"521619","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=521619"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951","reference_id":"545951","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2009-3094.json","reference_id":"CVE-2009-3094","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2009-3094.json"},{"reference_url":"https://usn.ubuntu.com/860-1/","reference_id":"USN-860-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/860-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585010?format=json","purl":"pkg:deb/debian/apache2@2.2.13-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.2.13-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2009-3094"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkbr-1m2z-ufe7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3864?format=json","vulnerability_id":"VCID-zxet-n94k-57ge","summary":"In certain proxy configurations, a denial of service attack against Apache HTTP Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients causing an assertion in mod_proxy_http2.\n\nConfigurations affected are a reverse proxy is configured for an HTTP/2 backend, with ProxyPreserveHost set to \"on\".","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49630.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49630.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49630","reference_id":"","reference_type":"","scores":[{"value":"0.01043","scoring_system":"epss","scoring_elements":"0.77462","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01043","scoring_system":"epss","scoring_elements":"0.77459","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01043","scoring_system":"epss","scoring_elements":"0.77485","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01043","scoring_system":"epss","scoring_elements":"0.77465","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01043","scoring_system":"epss","scoring_elements":"0.77413","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01043","scoring_system":"epss","scoring_elements":"0.77439","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01043","scoring_system":"epss","scoring_elements":"0.77419","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01043","scoring_system":"epss","scoring_elements":"0.7745","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49630"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49630","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49630"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374578","reference_id":"2374578","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374578"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2025-49630.json","reference_id":"CVE-2025-49630","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2025-49630.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13680","reference_id":"RHSA-2025:13680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13681","reference_id":"RHSA-2025:13681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14625","reference_id":"RHSA-2025:14625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14983","reference_id":"RHSA-2025:14983","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14983"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15123","reference_id":"RHSA-2025:15123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15516","reference_id":"RHSA-2025:15516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15619","reference_id":"RHSA-2025:15619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15684","reference_id":"RHSA-2025:15684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15698","reference_id":"RHSA-2025:15698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15725","reference_id":"RHSA-2025:15725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15726","reference_id":"RHSA-2025:15726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15727","reference_id":"RHSA-2025:15727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15727"},{"reference_url":"https://usn.ubuntu.com/7639-1/","reference_id":"USN-7639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-1/"},{"reference_url":"https://usn.ubuntu.com/7639-2/","reference_id":"USN-7639-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584089?format=json","purl":"pkg:deb/debian/apache2@2.4.64-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.64-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584090?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584091?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2025-49630"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zxet-n94k-57ge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3862?format=json","vulnerability_id":"VCID-zyyh-n42k-8bhr","summary":"Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations.\n\nIn a logging configuration where CustomLog is used with \"%{varname}x\" or \"%{varname}c\" to log variables provided by mod_ssl such as SSL_TLS_SNI, no escaping is performed by either mod_log_config or mod_ssl and unsanitized data provided by the client may appear in log files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47252.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47252.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47252","reference_id":"","reference_type":"","scores":[{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37345","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37371","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39845","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39886","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39895","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39861","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39817","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39872","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47252"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374571","reference_id":"2374571","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374571"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2024-47252.json","reference_id":"CVE-2024-47252","reference_type":"","scores":[],"url":"https://httpd.apache.org/security/json/CVE-2024-47252.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13680","reference_id":"RHSA-2025:13680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13681","reference_id":"RHSA-2025:13681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14901","reference_id":"RHSA-2025:14901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14902","reference_id":"RHSA-2025:14902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14903","reference_id":"RHSA-2025:14903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14997","reference_id":"RHSA-2025:14997","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14997"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15023","reference_id":"RHSA-2025:15023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15095","reference_id":"RHSA-2025:15095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15123","reference_id":"RHSA-2025:15123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15516","reference_id":"RHSA-2025:15516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15619","reference_id":"RHSA-2025:15619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15684","reference_id":"RHSA-2025:15684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15698","reference_id":"RHSA-2025:15698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15698"},{"reference_url":"https://usn.ubuntu.com/7639-1/","reference_id":"USN-7639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-1/"},{"reference_url":"https://usn.ubuntu.com/7639-2/","reference_id":"USN-7639-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7639-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582274?format=json","purl":"pkg:deb/debian/apache2@2.4.62-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.62-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584089?format=json","purl":"pkg:deb/debian/apache2@2.4.64-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.64-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584090?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584091?format=json","purl":"pkg:deb/debian/apache2@2.4.65-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.65-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582275?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582276?format=json","purl":"pkg:deb/debian/apache2@2.4.66-1~deb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-1~deb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582277?format=json","purl":"pkg:deb/debian/apache2@2.4.66-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}],"aliases":["CVE-2024-47252"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zyyh-n42k-8bhr"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/apache2@2.4.66-8%3Fdistro=trixie"}