Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie

Type deb

Namespace debian

Name apr

Version 1.7.2-3+deb12u1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.7.5-1

Latest_non_vulnerable_version 1.7.6-3

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-29bh-jatc-73ad

vulnerability_id VCID-29bh-jatc-73ad

summary

Memory consumption errors in Apache Portable Runtime and APR
    Utility Library could result in Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0840.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0840.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0840

reference_id

reference_type

scores

value	0.37182
scoring_system	epss
scoring_elements	0.97137
published_at	2026-04-01T12:55:00Z

value	0.37182
scoring_system	epss
scoring_elements	0.97143
published_at	2026-04-02T12:55:00Z

value	0.37182
scoring_system	epss
scoring_elements	0.97149
published_at	2026-04-04T12:55:00Z

value	0.37182
scoring_system	epss
scoring_elements	0.9715
published_at	2026-04-07T12:55:00Z

value	0.37182
scoring_system	epss
scoring_elements	0.9716
published_at	2026-04-09T12:55:00Z

value	0.37182
scoring_system	epss
scoring_elements	0.97164
published_at	2026-04-11T12:55:00Z

value	0.37182
scoring_system	epss
scoring_elements	0.97165
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0840

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0840
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0840

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655435
reference_id	655435
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655435

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=781606
reference_id	781606
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=781606

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/36669.txt
reference_id	CVE-2012-0840;OSVDB-78932
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/36669.txt

reference_url	https://www.securityfocus.com/bid/51917/info
reference_id	CVE-2012-0840;OSVDB-78932
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/51917/info

reference_url	https://security.gentoo.org/glsa/201405-24
reference_id	GLSA-201405-24
reference_type
scores
url	https://security.gentoo.org/glsa/201405-24

fixed_packages

url	pkg:deb/debian/apr@1.4.6-1?distro=trixie
purl	pkg:deb/debian/apr@1.4.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.4.6-1%3Fdistro=trixie

url pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g38k-gh86-pkcn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.0-6%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.2-3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.5-1?distro=trixie
purl	pkg:deb/debian/apr@1.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.6-3?distro=trixie
purl	pkg:deb/debian/apr@1.7.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.6-3%3Fdistro=trixie

aliases CVE-2012-0840

risk_score 0.6

exploitability 2.0

weighted_severity 0.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-29bh-jatc-73ad

url VCID-3cea-3rkm-r7gs

vulnerability_id VCID-3cea-3rkm-r7gs

summary

A flaw was found in the apr_fnmatch() function of the bundled APR library. Where mod_autoindex is enabled, and a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.
Workaround: Setting the 'IgnoreClient' option to the 'IndexOptions' directive disables processing of the client-supplied request query arguments, preventing this attack.
Resolution: Update APR to release 1.4.5 (bundled with httpd 2.2.19) or release 0.9.20 (bundled with httpd 2.0.65)

references

reference_url	http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22
reference_id
reference_type
scores
url	http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c#rev1.22

reference_url	http://cxib.net/stuff/apache.fnmatch.phps
reference_id
reference_type
scores
url	http://cxib.net/stuff/apache.fnmatch.phps

reference_url	http://cxib.net/stuff/apr_fnmatch.txts
reference_id
reference_type
scores
url	http://cxib.net/stuff/apr_fnmatch.txts

reference_url	http://httpd.apache.org/security/vulnerabilities_22.html
reference_id
reference_type
scores
url	http://httpd.apache.org/security/vulnerabilities_22.html

reference_url	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html

reference_url	http://marc.info/?l=bugtraq&m=131551295528105&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=131551295528105&w=2

reference_url	http://marc.info/?l=bugtraq&m=131731002122529&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=131731002122529&w=2

reference_url	http://marc.info/?l=bugtraq&m=132033751509019&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=132033751509019&w=2

reference_url	http://marc.info/?l=bugtraq&m=134987041210674&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=134987041210674&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0419

reference_id

reference_type

scores

value	0.48782
scoring_system	epss
scoring_elements	0.97759
published_at	2026-04-13T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97735
published_at	2026-04-01T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97756
published_at	2026-04-11T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97758
published_at	2026-04-12T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97741
published_at	2026-04-02T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97743
published_at	2026-04-04T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97745
published_at	2026-04-07T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.9775
published_at	2026-04-08T12:55:00Z

value	0.48782
scoring_system	epss
scoring_elements	0.97753
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0419

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419

reference_url	http://secunia.com/advisories/44490
reference_id
reference_type
scores
url	http://secunia.com/advisories/44490

reference_url	http://secunia.com/advisories/44564
reference_id
reference_type
scores
url	http://secunia.com/advisories/44564

reference_url	http://secunia.com/advisories/44574
reference_id
reference_type
scores
url	http://secunia.com/advisories/44574

reference_url	http://secunia.com/advisories/48308
reference_id
reference_type
scores
url	http://secunia.com/advisories/48308

reference_url	http://securityreason.com/achievement_securityalert/98
reference_id
reference_type
scores
url	http://securityreason.com/achievement_securityalert/98

reference_url	http://securityreason.com/securityalert/8246
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/8246

reference_url	http://securitytracker.com/id?1025527
reference_id
reference_type
scores
url	http://securitytracker.com/id?1025527

reference_url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r064df0985779b7ee044d3120d71ba59750427cf53f57ba3384e3773f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1d201e3da31a2c8aa870c8314623caef7debd74a13d0f25205e26f15%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r688df6f16f141e966a0a47f817e559312b3da27886f59116a94b273d%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re2e23465bbdb17ffe109d21b4f192e6b58221cd7aa8797d530b4cd75%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14638

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14804

reference_url	http://support.apple.com/kb/HT5002
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT5002

reference_url	http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/strings/apr_fnmatch.c?r1=731029&r2=1098902

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1098188
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1098188

reference_url	http://svn.apache.org/viewvc?view=revision&revision=1098799
reference_id
reference_type
scores
url	http://svn.apache.org/viewvc?view=revision&revision=1098799

reference_url	http://www.apache.org/dist/apr/Announcement1.x.html
reference_id
reference_type
scores
url	http://www.apache.org/dist/apr/Announcement1.x.html

reference_url	http://www.apache.org/dist/apr/CHANGES-APR-1.4
reference_id
reference_type
scores
url	http://www.apache.org/dist/apr/CHANGES-APR-1.4

reference_url	http://www.apache.org/dist/httpd/Announcement2.2.html
reference_id
reference_type
scores
url	http://www.apache.org/dist/httpd/Announcement2.2.html

reference_url	http://www.debian.org/security/2011/dsa-2237
reference_id
reference_type
scores
url	http://www.debian.org/security/2011/dsa-2237

reference_url	http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html
reference_id
reference_type
scores
url	http://www.mail-archive.com/dev%40apr.apache.org/msg23960.html

reference_url	http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html
reference_id
reference_type
scores
url	http://www.mail-archive.com/dev%40apr.apache.org/msg23961.html

reference_url	http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html
reference_id
reference_type
scores
url	http://www.mail-archive.com/dev%40apr.apache.org/msg23976.html

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:084
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:084

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

reference_url	http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15
reference_id
reference_type
scores
url	http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/fnmatch.c#rev1.15

reference_url	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

reference_url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0507.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0507.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0896.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0896.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0897.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0897.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=703390
reference_id	703390
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=703390

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::
reference_id	cpe:2.3:a:apache:http_server::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime::::::::
reference_id	cpe:2.3:a:apache:portable_runtime::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:::::::*
reference_id	cpe:2.3:o:apple:mac_os_x:10.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd::::::::
reference_id	cpe:2.3:o:freebsd:freebsd::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::
reference_id	cpe:2.3:o:google:android::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:::::::*
reference_id	cpe:2.3:o:netbsd:netbsd:5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:netbsd:netbsd:5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.8:::::::*
reference_id	cpe:2.3:o:openbsd:openbsd:4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:openbsd:openbsd:4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:::::::*
reference_id	cpe:2.3:o:oracle:solaris:10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::-:::*
reference_id	cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::-:::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::-:::*

reference_url

https://httpd.apache.org/security/json/CVE-2011-0419.json

reference_id

CVE-2011-0419

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2011-0419.json

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-0419

reference_id

CVE-2011-0419

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2011-0419

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php
reference_id	CVE-2011-0419;OSVDB-73383
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php

reference_url	https://www.securityfocus.com/bid/47820/info
reference_id	CVE-2011-0419;OSVDB-73383
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/47820/info

reference_url	https://security.gentoo.org/glsa/201405-24
reference_id	GLSA-201405-24
reference_type
scores
url	https://security.gentoo.org/glsa/201405-24

reference_url	https://access.redhat.com/errata/RHSA-2011:0507
reference_id	RHSA-2011:0507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0507

reference_url	https://usn.ubuntu.com/1134-1/
reference_id	USN-1134-1
reference_type
scores
url	https://usn.ubuntu.com/1134-1/

fixed_packages

url	pkg:deb/debian/apr@1.4.4-1?distro=trixie
purl	pkg:deb/debian/apr@1.4.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.4.4-1%3Fdistro=trixie

url pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g38k-gh86-pkcn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.0-6%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.2-3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.5-1?distro=trixie
purl	pkg:deb/debian/apr@1.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.6-3?distro=trixie
purl	pkg:deb/debian/apr@1.7.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.6-3%3Fdistro=trixie

aliases CVE-2011-0419

risk_score 9.6

exploitability 2.0

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3cea-3rkm-r7gs

url VCID-3qre-qddd-eqgk

vulnerability_id VCID-3qre-qddd-eqgk

summary apr: integer overflow/wraparound in apr_encode

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24963.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24963.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24963

reference_id

reference_type

scores

value	0.00138
scoring_system	epss
scoring_elements	0.3392
published_at	2026-04-02T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33811
published_at	2026-04-13T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33804
published_at	2026-04-07T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33847
published_at	2026-04-08T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33879
published_at	2026-04-09T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33878
published_at	2026-04-11T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33836
published_at	2026-04-12T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33951
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24963

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24963
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24963

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2169465
reference_id	2169465
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2169465

reference_url

https://lists.apache.org/thread/fw9p6sdncwsjkstwc066vz57xqzfksq9

reference_id

fw9p6sdncwsjkstwc066vz57xqzfksq9

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-27T14:33:34Z/

url

https://lists.apache.org/thread/fw9p6sdncwsjkstwc066vz57xqzfksq9

reference_url

https://security.netapp.com/advisory/ntap-20230908-0008/

reference_id

ntap-20230908-0008

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-27T14:33:34Z/

url

https://security.netapp.com/advisory/ntap-20230908-0008/

reference_url	https://access.redhat.com/errata/RHSA-2023:4628
reference_id	RHSA-2023:4628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4628

reference_url	https://access.redhat.com/errata/RHSA-2023:4629
reference_id	RHSA-2023:4629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4629

reference_url	https://access.redhat.com/errata/RHSA-2023:4909
reference_id	RHSA-2023:4909
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4909

reference_url	https://access.redhat.com/errata/RHSA-2023:4910
reference_id	RHSA-2023:4910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4910

reference_url	https://access.redhat.com/errata/RHSA-2023:7711
reference_id	RHSA-2023:7711
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7711

reference_url	https://usn.ubuntu.com/5885-1/
reference_id	USN-5885-1
reference_type
scores
url	https://usn.ubuntu.com/5885-1/

fixed_packages

url pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g38k-gh86-pkcn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.0-6%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.2-1?distro=trixie
purl	pkg:deb/debian/apr@1.7.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.2-1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.2-3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.5-1?distro=trixie
purl	pkg:deb/debian/apr@1.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.6-3?distro=trixie
purl	pkg:deb/debian/apr@1.7.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.6-3%3Fdistro=trixie

aliases CVE-2022-24963

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3qre-qddd-eqgk

url VCID-7s2y-pvar-qqe3

vulnerability_id VCID-7s2y-pvar-qqe3

summary Faulty error handling was found affecting Solaris pollset support (Event Port backend) caused by a bug in APR. A remote attacker could trigger this issue on Solaris servers which used prefork or event MPMs, resulting in a denial of service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2699.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2699.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2699

reference_id

reference_type

scores

value	0.08727
scoring_system	epss
scoring_elements	0.92498
published_at	2026-04-13T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92457
published_at	2026-04-01T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92463
published_at	2026-04-02T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92472
published_at	2026-04-04T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92475
published_at	2026-04-07T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92487
published_at	2026-04-08T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92491
published_at	2026-04-09T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92497
published_at	2026-04-11T12:55:00Z

value	0.08727
scoring_system	epss
scoring_elements	0.92499
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2699

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=528756
reference_id	528756
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=528756

reference_url

https://httpd.apache.org/security/json/CVE-2009-2699.json

reference_id

CVE-2009-2699

reference_type

scores

value	moderate
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-2699.json

fixed_packages

url	pkg:deb/debian/apr@0?distro=trixie
purl	pkg:deb/debian/apr@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@0%3Fdistro=trixie

url pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g38k-gh86-pkcn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.0-6%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.2-3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.5-1?distro=trixie
purl	pkg:deb/debian/apr@1.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.6-3?distro=trixie
purl	pkg:deb/debian/apr@1.7.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.6-3%3Fdistro=trixie

aliases CVE-2009-2699

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7s2y-pvar-qqe3

url VCID-dp5k-enj4-h7gu

vulnerability_id VCID-dp5k-enj4-h7gu

summary apr: Windows out-of-bounds write in apr_socket_sendv function

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28331.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28331.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-28331

reference_id

reference_type

scores

value	0.00284
scoring_system	epss
scoring_elements	0.5177
published_at	2026-04-02T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51824
published_at	2026-04-13T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51859
published_at	2026-04-11T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51839
published_at	2026-04-12T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51796
published_at	2026-04-04T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51756
published_at	2026-04-07T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51811
published_at	2026-04-08T12:55:00Z

value	0.00284
scoring_system	epss
scoring_elements	0.51808
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-28331

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2172556
reference_id	2172556
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2172556

reference_url

https://lists.apache.org/thread/5pfdfn7h0vsdo5xzjn97vghp0x42jj2r

reference_id

5pfdfn7h0vsdo5xzjn97vghp0x42jj2r

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-27T14:31:25Z/

url

https://lists.apache.org/thread/5pfdfn7h0vsdo5xzjn97vghp0x42jj2r

reference_url	https://access.redhat.com/errata/RHSA-2023:4628
reference_id	RHSA-2023:4628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4628

reference_url	https://access.redhat.com/errata/RHSA-2023:4910
reference_id	RHSA-2023:4910
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4910

fixed_packages

url	pkg:deb/debian/apr@0?distro=trixie
purl	pkg:deb/debian/apr@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@0%3Fdistro=trixie

url pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g38k-gh86-pkcn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.0-6%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.2-3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.5-1?distro=trixie
purl	pkg:deb/debian/apr@1.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.6-3?distro=trixie
purl	pkg:deb/debian/apr@1.7.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.6-3%3Fdistro=trixie

aliases CVE-2022-28331

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dp5k-enj4-h7gu

url VCID-g38k-gh86-pkcn

vulnerability_id VCID-g38k-gh86-pkcn

summary APR: Lax permissions in Apache Portable Runtime shared memory

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49582.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49582.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-49582

reference_id

reference_type

scores

value	0.00025
scoring_system	epss
scoring_elements	0.06637
published_at	2026-04-02T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06735
published_at	2026-04-13T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06751
published_at	2026-04-09T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.0675
published_at	2026-04-11T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06742
published_at	2026-04-12T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06681
published_at	2026-04-04T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06667
published_at	2026-04-07T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06717
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-49582

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49582
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49582

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080375
reference_id	1080375
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080375

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2307913
reference_id	2307913
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2307913

reference_url

https://lists.apache.org/thread/sntjc04t1rvjhdzz2tzmtz2zdnmv7dc4

reference_id

sntjc04t1rvjhdzz2tzmtz2zdnmv7dc4

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-26T17:39:05Z/

url

https://lists.apache.org/thread/sntjc04t1rvjhdzz2tzmtz2zdnmv7dc4

reference_url	https://usn.ubuntu.com/7038-1/
reference_id	USN-7038-1
reference_type
scores
url	https://usn.ubuntu.com/7038-1/

reference_url	https://usn.ubuntu.com/7038-2/
reference_id	USN-7038-2
reference_type
scores
url	https://usn.ubuntu.com/7038-2/

fixed_packages

url	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.2-3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.5-1?distro=trixie
purl	pkg:deb/debian/apr@1.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.6-3?distro=trixie
purl	pkg:deb/debian/apr@1.7.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.6-3%3Fdistro=trixie

aliases CVE-2023-49582

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g38k-gh86-pkcn

url VCID-jdxe-krj9-8kax

vulnerability_id VCID-jdxe-krj9-8kax

summary apr: Out-of-bounds array deref in apr_time_exp*() functions

references

reference_url	https://access.redhat.com/errata/RHSA-2018:0465
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0465

reference_url	https://access.redhat.com/errata/RHSA-2018:0466
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0466

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12613.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12613.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-12613

reference_id

reference_type

scores

value	0.0025
scoring_system	epss
scoring_elements	0.48167
published_at	2026-04-01T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.48234
published_at	2026-04-13T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.48176
published_at	2026-04-07T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.4823
published_at	2026-04-08T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.48224
published_at	2026-04-09T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.48249
published_at	2026-04-11T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.48223
published_at	2026-04-12T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.48205
published_at	2026-04-02T12:55:00Z

value	0.0025
scoring_system	epss
scoring_elements	0.48225
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-12613

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12613
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12613

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.7
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:M/C:P/I:N/A:P

value	3.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.apache.org/thread.html/12489f2e4a9f9d390235c16298aca0d20658789de80d553513977f13%40%3Cannounce.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/12489f2e4a9f9d390235c16298aca0d20658789de80d553513977f13%40%3Cannounce.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r270dd5022db194b78acaf509216a33c85f3da43757defa05cc766339%40%3Ccommits.apr.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r270dd5022db194b78acaf509216a33c85f3da43757defa05cc766339%40%3Ccommits.apr.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ra2868b53339a6af65577146ad87016368c138388b09bff9d2860f50e%40%3Cdev.apr.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ra2868b53339a6af65577146ad87016368c138388b09bff9d2860f50e%40%3Cdev.apr.apache.org%3E

reference_url	https://lists.apache.org/thread.html/ra38094406cc38a05218ebd1158187feda021b0c3a1df400bbf296af8%40%3Cdev.apr.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/ra38094406cc38a05218ebd1158187feda021b0c3a1df400bbf296af8%40%3Cdev.apr.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb1f3c85f50fbd924a0051675118d1609e57957a02ece7facb723155b%40%3Cannounce.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb1f3c85f50fbd924a0051675118d1609e57957a02ece7facb723155b%40%3Cannounce.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rcc48a0acebbd74bbdeebc02ff228bb72c0631b21823fffe27d4691e9%40%3Ccommits.apr.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rcc48a0acebbd74bbdeebc02ff228bb72c0631b21823fffe27d4691e9%40%3Ccommits.apr.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00005.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00005.html

reference_url	https://lists.debian.org/debian-lts-announce/2022/01/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2022/01/msg00023.html

reference_url	https://svn.apache.org/viewvc?view=revision&revision=1807976
reference_id
reference_type
scores
url	https://svn.apache.org/viewvc?view=revision&revision=1807976

reference_url	http://www.apache.org/dist/apr/Announcement1.x.html
reference_id
reference_type
scores
url	http://www.apache.org/dist/apr/Announcement1.x.html

reference_url	http://www.openwall.com/lists/oss-security/2021/08/23/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2021/08/23/1

reference_url	http://www.securityfocus.com/bid/101560
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101560

reference_url	http://www.securitytracker.com/id/1042004
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1042004

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1506523
reference_id	1506523
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1506523

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879708
reference_id	879708
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879708

reference_url	https://security.archlinux.org/ASA-201710-32
reference_id	ASA-201710-32
reference_type
scores
url	https://security.archlinux.org/ASA-201710-32

reference_url

https://security.archlinux.org/AVG-469

reference_id

AVG-469

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-469

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime::::::::
reference_id	cpe:2.3:a:apache:portable_runtime::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:portable_runtime::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:-:::::::*
reference_id	cpe:2.3:a:redhat:jboss_core_services:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_core_services:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:::::::*
reference_id	cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_id	cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-12613

reference_id

CVE-2017-12613

reference_type

scores

value	3.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:N/A:P

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-12613

reference_url	https://access.redhat.com/errata/RHSA-2017:3270
reference_id	RHSA-2017:3270
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3270

reference_url	https://access.redhat.com/errata/RHSA-2017:3475
reference_id	RHSA-2017:3475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3475

reference_url	https://access.redhat.com/errata/RHSA-2017:3476
reference_id	RHSA-2017:3476
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3476

reference_url	https://access.redhat.com/errata/RHSA-2017:3477
reference_id	RHSA-2017:3477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3477

reference_url	https://access.redhat.com/errata/RHSA-2018:0316
reference_id	RHSA-2018:0316
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0316

reference_url	https://access.redhat.com/errata/RHSA-2018:1253
reference_id	RHSA-2018:1253
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1253

fixed_packages

url	pkg:deb/debian/apr@1.6.3-1?distro=trixie
purl	pkg:deb/debian/apr@1.6.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.6.3-1%3Fdistro=trixie

url pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g38k-gh86-pkcn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.0-6%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.2-3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.5-1?distro=trixie
purl	pkg:deb/debian/apr@1.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.6-3?distro=trixie
purl	pkg:deb/debian/apr@1.7.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.6-3%3Fdistro=trixie

aliases CVE-2017-12613

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jdxe-krj9-8kax

url VCID-qebd-7szr-y7cx

vulnerability_id VCID-qebd-7szr-y7cx

summary

Memory consumption errors in Apache Portable Runtime and APR
    Utility Library could result in Denial of Service.

references

reference_url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627182
reference_id
reference_type
scores
url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627182

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00011.html

reference_url	http://mail-archives.apache.org/mod_mbox/httpd-announce/201105.mbox/%3C4DD55092.3030403%40apache.org%3E
reference_id
reference_type
scores
url	http://mail-archives.apache.org/mod_mbox/httpd-announce/201105.mbox/%3C4DD55092.3030403%40apache.org%3E

reference_url	http://mail-archives.apache.org/mod_mbox/www-announce/201105.mbox/%3c4DD55076.1060005%40apache.org%3e
reference_id
reference_type
scores
url	http://mail-archives.apache.org/mod_mbox/www-announce/201105.mbox/%3c4DD55076.1060005%40apache.org%3e

reference_url	http://marc.info/?l=bugtraq&m=134987041210674&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=134987041210674&w=2

reference_url	http://openwall.com/lists/oss-security/2011/05/19/10
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2011/05/19/10

reference_url	http://openwall.com/lists/oss-security/2011/05/19/5
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2011/05/19/5

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1928.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1928.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-1928

reference_id

reference_type

scores

value	0.14392
scoring_system	epss
scoring_elements	0.94422
published_at	2026-04-13T12:55:00Z

value	0.14392
scoring_system	epss
scoring_elements	0.94383
published_at	2026-04-01T12:55:00Z

value	0.14392
scoring_system	epss
scoring_elements	0.94391
published_at	2026-04-02T12:55:00Z

value	0.14392
scoring_system	epss
scoring_elements	0.94402
published_at	2026-04-04T12:55:00Z

value	0.14392
scoring_system	epss
scoring_elements	0.94404
published_at	2026-04-07T12:55:00Z

value	0.14392
scoring_system	epss
scoring_elements	0.94414
published_at	2026-04-08T12:55:00Z

value	0.14392
scoring_system	epss
scoring_elements	0.94417
published_at	2026-04-09T12:55:00Z

value	0.14392
scoring_system	epss
scoring_elements	0.9442
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-1928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928

reference_url	http://secunia.com/advisories/44558
reference_id
reference_type
scores
url	http://secunia.com/advisories/44558

reference_url	http://secunia.com/advisories/44613
reference_id
reference_type
scores
url	http://secunia.com/advisories/44613

reference_url	http://secunia.com/advisories/44661
reference_id
reference_type
scores
url	http://secunia.com/advisories/44661

reference_url	http://secunia.com/advisories/44780
reference_id
reference_type
scores
url	http://secunia.com/advisories/44780

reference_url	http://secunia.com/advisories/48308
reference_id
reference_type
scores
url	http://secunia.com/advisories/48308

reference_url	https://issues.apache.org/bugzilla/show_bug.cgi?id=51219
reference_id
reference_type
scores
url	https://issues.apache.org/bugzilla/show_bug.cgi?id=51219

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:095
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:095

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0844.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0844.html

reference_url	http://www.vupen.com/english/advisories/2011/1289
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/1289

reference_url	http://www.vupen.com/english/advisories/2011/1290
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/1290

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627182
reference_id	627182
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627182

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=706203
reference_id	706203
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=706203

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.4.3:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.4.4:::::::*
reference_id	cpe:2.3:a:apache:apr-util:1.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apr-util:1.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:::::::*
reference_id	cpe:2.3:a:apache:http_server:2.2.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:2.2.18:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-1928

reference_id

CVE-2011-1928

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2011-1928

reference_url	https://security.gentoo.org/glsa/201405-24
reference_id	GLSA-201405-24
reference_type
scores
url	https://security.gentoo.org/glsa/201405-24

reference_url	https://access.redhat.com/errata/RHSA-2011:0844
reference_id	RHSA-2011:0844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0844

reference_url	https://usn.ubuntu.com/1134-1/
reference_id	USN-1134-1
reference_type
scores
url	https://usn.ubuntu.com/1134-1/

fixed_packages

url	pkg:deb/debian/apr@1.4.5-1?distro=trixie
purl	pkg:deb/debian/apr@1.4.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.4.5-1%3Fdistro=trixie

url pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g38k-gh86-pkcn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.0-6%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.2-3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.5-1?distro=trixie
purl	pkg:deb/debian/apr@1.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.6-3?distro=trixie
purl	pkg:deb/debian/apr@1.7.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.6-3%3Fdistro=trixie

aliases CVE-2011-1928

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qebd-7szr-y7cx

url VCID-umuk-3n1q-3qet

vulnerability_id VCID-umuk-3n1q-3qet

summary A flaw in apr_palloc() in the bundled copy of APR could cause heap overflows in programs that try to apr_palloc() a user controlled size. The Apache HTTP Server itself does not pass unsanitized user-provided sizes to this function, so it could only be triggered through some other application which uses apr_palloc() in a vulnerable way.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2412

reference_id

reference_type

scores

value	0.07751
scoring_system	epss
scoring_elements	0.91943
published_at	2026-04-13T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91904
published_at	2026-04-01T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91912
published_at	2026-04-02T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.9192
published_at	2026-04-04T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91926
published_at	2026-04-07T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91939
published_at	2026-04-08T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91944
published_at	2026-04-09T12:55:00Z

value	0.07751
scoring_system	epss
scoring_elements	0.91947
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2412

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=515698
reference_id	515698
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=515698

reference_url

https://httpd.apache.org/security/json/CVE-2009-2412.json

reference_id

CVE-2009-2412

reference_type

scores

value	low
scoring_system	apache_httpd
scoring_elements

url

https://httpd.apache.org/security/json/CVE-2009-2412.json

reference_url	https://security.gentoo.org/glsa/200909-03
reference_id	GLSA-200909-03
reference_type
scores
url	https://security.gentoo.org/glsa/200909-03

reference_url	https://access.redhat.com/errata/RHSA-2009:1204
reference_id	RHSA-2009:1204
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1204

reference_url	https://access.redhat.com/errata/RHSA-2009:1205
reference_id	RHSA-2009:1205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1205

reference_url	https://access.redhat.com/errata/RHSA-2009:1462
reference_id	RHSA-2009:1462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1462

reference_url	https://usn.ubuntu.com/813-1/
reference_id	USN-813-1
reference_type
scores
url	https://usn.ubuntu.com/813-1/

reference_url	https://usn.ubuntu.com/813-2/
reference_id	USN-813-2
reference_type
scores
url	https://usn.ubuntu.com/813-2/

reference_url	https://usn.ubuntu.com/813-3/
reference_id	USN-813-3
reference_type
scores
url	https://usn.ubuntu.com/813-3/

fixed_packages

url	pkg:deb/debian/apr@1.3.8-1?distro=trixie
purl	pkg:deb/debian/apr@1.3.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.3.8-1%3Fdistro=trixie

url pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g38k-gh86-pkcn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.0-6%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.2-3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.5-1?distro=trixie
purl	pkg:deb/debian/apr@1.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.6-3?distro=trixie
purl	pkg:deb/debian/apr@1.7.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.6-3%3Fdistro=trixie

aliases CVE-2009-2412

risk_score 1.1

exploitability 0.5

weighted_severity 2.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-umuk-3n1q-3qet

url VCID-xz52-5z1u-cuf9

vulnerability_id VCID-xz52-5z1u-cuf9

summary apr: Regression of CVE-2017-12613 fix in apr 1.7

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35940.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35940.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-35940

reference_id

reference_type

scores

value	0.00057
scoring_system	epss
scoring_elements	0.17837
published_at	2026-04-01T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17825
published_at	2026-04-13T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17918
published_at	2026-04-11T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17874
published_at	2026-04-12T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17999
published_at	2026-04-02T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18054
published_at	2026-04-04T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17754
published_at	2026-04-07T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17842
published_at	2026-04-08T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17903
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-35940

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35940
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35940

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1980328
reference_id	1980328
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1980328

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992789
reference_id	992789
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992789

reference_url

https://security.archlinux.org/AVG-2313

reference_id

AVG-2313

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2313

reference_url	https://usn.ubuntu.com/5056-1/
reference_id	USN-5056-1
reference_type
scores
url	https://usn.ubuntu.com/5056-1/

fixed_packages

url	pkg:deb/debian/apr@1.7.0-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/apr@1.7.0-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.0-6%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g38k-gh86-pkcn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.0-6%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.0-7?distro=trixie
purl	pkg:deb/debian/apr@1.7.0-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.0-7%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.2-3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.5-1?distro=trixie
purl	pkg:deb/debian/apr@1.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.6-3?distro=trixie
purl	pkg:deb/debian/apr@1.7.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.6-3%3Fdistro=trixie

aliases CVE-2021-35940

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xz52-5z1u-cuf9

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.2-3%252Bdeb12u1%3Fdistro=trixie

Package Instance