Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/74956?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/74956?format=api", "purl": "pkg:apache/httpd@2.2.13", "type": "apache", "namespace": "", "name": "httpd", "version": "2.2.13", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.4.42", "latest_non_vulnerable_version": "2.4.54", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51043?format=api", "vulnerability_id": "VCID-189a-yyhy-q7ds", "summary": "XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provider is mod_dav_svn.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6438", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.39561", "scoring_system": "epss", "scoring_elements": "0.97382", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.39561", "scoring_system": "epss", "scoring_elements": "0.97388", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.39561", "scoring_system": "epss", "scoring_elements": "0.97389", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.39561", "scoring_system": "epss", "scoring_elements": "0.9739", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.39561", "scoring_system": "epss", "scoring_elements": "0.97391", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6438" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077867", "reference_id": "1077867", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077867" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2013-6438.json", "reference_id": "CVE-2013-6438", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2013-6438.json" }, { "reference_url": "https://security.gentoo.org/glsa/201408-12", "reference_id": "GLSA-201408-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0369", "reference_id": "RHSA-2014:0369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0370", "reference_id": "RHSA-2014:0370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0783", "reference_id": "RHSA-2014:0783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0784", "reference_id": "RHSA-2014:0784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0825", "reference_id": "RHSA-2014:0825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0826", "reference_id": "RHSA-2014:0826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0826" }, { "reference_url": "https://usn.ubuntu.com/2152-1/", "reference_id": "USN-2152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2152-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74980?format=api", "purl": "pkg:apache/httpd@2.2.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/74981?format=api", "purl": "pkg:apache/httpd@2.4.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-875s-qd97-wbga" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-9dw1-6m3c-syd1" }, { "vulnerability": "VCID-9hz8-j6ce-2bca" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-aj4u-27vr-9ugt" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-nyqj-yfjw-23dd" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-pzum-j7as-bkbk" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-snas-xc79-mkge" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-tmjs-99hk-syat" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-xd6e-12jd-pufb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.9" } ], "aliases": [ "CVE-2013-6438" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-189a-yyhy-q7ds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51060?format=api", "vulnerability_id": "VCID-1cpt-rd7f-8qhk", "summary": "Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the \"Location\" or other outbound header key or value.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.73272", "scoring_system": "epss", "scoring_elements": "0.98815", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.73272", "scoring_system": "epss", "scoring_elements": "0.98816", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.73272", "scoring_system": "epss", "scoring_elements": "0.98813", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375968", "reference_id": "1375968", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375968" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2016-4975.json", "reference_id": "CVE-2016-4975", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2016-4975.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0906", "reference_id": "RHSA-2017:0906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2185", "reference_id": "RHSA-2018:2185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2186", "reference_id": "RHSA-2018:2186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2186" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74994?format=api", "purl": "pkg:apache/httpd@2.2.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-pj23-hhvw-6ucr" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-um53-bb17-93fp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/74993?format=api", "purl": "pkg:apache/httpd@2.4.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-3cam-1afg-9bdv" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-54u4-szhc-zycj" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5sf7-wq36-5ye3" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-62uq-vyd8-mfbt" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7bxa-rkrq-dyf7" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-eueu-bt2r-xfaa" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nxt8-4r1p-kuab" }, { "vulnerability": "VCID-ny3v-m8gs-3bf2" }, { "vulnerability": "VCID-pfpr-8td6-t7dc" }, { "vulnerability": "VCID-pj23-hhvw-6ucr" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-t9kh-3weu-qugs" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-ykyn-menc-kbfa" }, { "vulnerability": "VCID-yvfg-1nhp-qqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25" } ], "aliases": [ "CVE-2016-4975" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1cpt-rd7f-8qhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51046?format=api", "vulnerability_id": "VCID-1xb5-reys-d7fb", "summary": "A resource consumption flaw was found in mod_deflate. If request body decompression was configured (using the \"DEFLATE\" input filter), a remote attacker could cause the server to consume significant memory and/or CPU resources. The use of request body decompression is not a common configuration.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0118", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41327", "scoring_system": "epss", "scoring_elements": "0.97475", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.41327", "scoring_system": "epss", "scoring_elements": "0.97481", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.41327", "scoring_system": "epss", "scoring_elements": "0.97482", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.41327", "scoring_system": "epss", "scoring_elements": "0.97483", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0118" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120601", "reference_id": "1120601", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120601" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2014-0118.json", "reference_id": "CVE-2014-0118", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2014-0118.json" }, { "reference_url": "https://security.gentoo.org/glsa/201504-03", "reference_id": "GLSA-201504-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0920", "reference_id": "RHSA-2014:0920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0921", "reference_id": "RHSA-2014:0921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0922", "reference_id": "RHSA-2014:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1019", "reference_id": "RHSA-2014:1019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1020", "reference_id": "RHSA-2014:1020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1021", "reference_id": "RHSA-2014:1021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1086", "reference_id": "RHSA-2014:1086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1087", "reference_id": "RHSA-2014:1087", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1087" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1088", "reference_id": "RHSA-2014:1088", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1088" }, { "reference_url": "https://usn.ubuntu.com/2299-1/", "reference_id": "USN-2299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74983?format=api", "purl": "pkg:apache/httpd@2.2.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/74982?format=api", "purl": "pkg:apache/httpd@2.4.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-875s-qd97-wbga" }, { "vulnerability": "VCID-9hz8-j6ce-2bca" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-aj4u-27vr-9ugt" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-nyqj-yfjw-23dd" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-pzum-j7as-bkbk" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-tmjs-99hk-syat" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-x5nj-5bsv-aqeh" }, { "vulnerability": "VCID-xd6e-12jd-pufb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10" } ], "aliases": [ "CVE-2014-0118" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1xb5-reys-d7fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51014?format=api", "vulnerability_id": "VCID-425q-pchy-2yfg", "summary": "A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3720", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01573", "scoring_system": "epss", "scoring_elements": "0.81873", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01573", "scoring_system": "epss", "scoring_elements": "0.81907", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01573", "scoring_system": "epss", "scoring_elements": "0.81908", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01573", "scoring_system": "epss", "scoring_elements": "0.81902", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01573", "scoring_system": "epss", "scoring_elements": "0.81917", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3720" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=531697", "reference_id": "531697", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=531697" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936", "reference_id": "551936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919", "reference_id": "560919", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920", "reference_id": "560920", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921", "reference_id": "560921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922", "reference_id": "560922", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926", "reference_id": "560926", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927", "reference_id": "560927", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928", "reference_id": "560928", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929", "reference_id": "560929", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930", "reference_id": "560930", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935", "reference_id": "560935", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936", "reference_id": "560936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937", "reference_id": "560937", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940", "reference_id": "560940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942", "reference_id": "560942", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950", "reference_id": "560950", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053", "reference_id": "601053", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3720.json", "reference_id": "CVE-2009-3720", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3720.json" }, { "reference_url": "https://security.gentoo.org/glsa/201209-06", "reference_id": "GLSA-201209-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1572", "reference_id": "RHSA-2009:1572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1625", "reference_id": "RHSA-2009:1625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0002", "reference_id": "RHSA-2010:0002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0491", "reference_id": "RHSA-2011:0491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0492", "reference_id": "RHSA-2011:0492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3239", "reference_id": "RHSA-2017:3239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "reference_url": "https://usn.ubuntu.com/890-1/", "reference_id": "USN-890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-1/" }, { "reference_url": "https://usn.ubuntu.com/890-2/", "reference_id": "USN-890-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-2/" }, { "reference_url": "https://usn.ubuntu.com/890-3/", "reference_id": "USN-890-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-3/" }, { "reference_url": "https://usn.ubuntu.com/890-4/", "reference_id": "USN-890-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-4/" }, { "reference_url": "https://usn.ubuntu.com/890-5/", "reference_id": "USN-890-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-5/" }, { "reference_url": "https://usn.ubuntu.com/890-6/", "reference_id": "USN-890-6", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-6/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74960?format=api", "purl": "pkg:apache/httpd@2.2.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t1ad-c6y2-rueb" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-yqbj-upd2-fbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17" } ], "aliases": [ "CVE-2009-3720" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-425q-pchy-2yfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6535?format=api", "vulnerability_id": "VCID-4yze-nb6e-8yav", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7679", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30062", "scoring_system": "epss", "scoring_elements": "0.96758", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.30062", "scoring_system": "epss", "scoring_elements": "0.96761", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.30062", "scoring_system": "epss", "scoring_elements": "0.96754", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.30062", "scoring_system": "epss", "scoring_elements": "0.96762", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7679" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207", "reference_id": "1463207", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207" }, { "reference_url": "https://security.archlinux.org/ASA-201706-34", "reference_id": "ASA-201706-34", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-34" }, { "reference_url": "https://security.archlinux.org/AVG-316", "reference_id": "AVG-316", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-316" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-7679.json", "reference_id": "CVE-2017-7679", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-7679.json" }, { "reference_url": "https://security.gentoo.org/glsa/201710-32", "reference_id": "GLSA-201710-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2478", "reference_id": "RHSA-2017:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2479", "reference_id": "RHSA-2017:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2483", "reference_id": "RHSA-2017:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3193", "reference_id": "RHSA-2017:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3194", "reference_id": "RHSA-2017:3194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3195", "reference_id": "RHSA-2017:3195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3475", "reference_id": "RHSA-2017:3475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3476", "reference_id": "RHSA-2017:3476", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3476" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3477", "reference_id": "RHSA-2017:3477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3477" }, { "reference_url": "https://usn.ubuntu.com/3340-1/", "reference_id": "USN-3340-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3340-1/" }, { "reference_url": "https://usn.ubuntu.com/3373-1/", "reference_id": "USN-3373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74995?format=api", "purl": "pkg:apache/httpd@2.2.34", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-j5r1-q5tv-xqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34" }, { "url": "http://public2.vulnerablecode.io/api/packages/74996?format=api", "purl": "pkg:apache/httpd@2.4.26", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-4e1g-urtc-9bd8" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-54u4-szhc-zycj" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5sf7-wq36-5ye3" }, { "vulnerability": "VCID-62uq-vyd8-mfbt" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7bxa-rkrq-dyf7" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-eueu-bt2r-xfaa" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nxt8-4r1p-kuab" }, { "vulnerability": "VCID-ny3v-m8gs-3bf2" }, { "vulnerability": "VCID-pfpr-8td6-t7dc" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-t9kh-3weu-qugs" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-ykyn-menc-kbfa" }, { "vulnerability": "VCID-yvfg-1nhp-qqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26" } ], "aliases": [ "CVE-2017-7679" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4yze-nb6e-8yav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51031?format=api", "vulnerability_id": "VCID-5h45-6kty-ffhm", "summary": "A flaw was found in the default error response for status code 400. This flaw could be used by an attacker to expose \"httpOnly\" cookies when no custom ErrorDocument is specified.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.23641", "scoring_system": "epss", "scoring_elements": "0.96104", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.23641", "scoring_system": "epss", "scoring_elements": "0.96099", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.33846", "scoring_system": "epss", "scoring_elements": "0.9705", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.33846", "scoring_system": "epss", "scoring_elements": "0.97054", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.33846", "scoring_system": "epss", "scoring_elements": "0.97052", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.33846", "scoring_system": "epss", "scoring_elements": "0.97047", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=785069", "reference_id": "785069", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=785069" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2012-0053.json", "reference_id": "CVE-2012-0053", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2012-0053.json" }, { "reference_url": "https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08", "reference_id": "CVE-2012-0053;OSVDB-78556", "reference_type": "exploit", "scores": [], "url": "https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html", "reference_id": "CVE-2012-0053;OSVDB-78556", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0128", "reference_id": "RHSA-2012:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0323", "reference_id": "RHSA-2012:0323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0542", "reference_id": "RHSA-2012:0542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0543", "reference_id": "RHSA-2012:0543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0543" }, { "reference_url": "https://usn.ubuntu.com/1368-1/", "reference_id": "USN-1368-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1368-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74969?format=api", "purl": "pkg:apache/httpd@2.2.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22" } ], "aliases": [ "CVE-2012-0053" ], "risk_score": 9.6, "exploitability": "2.0", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5h45-6kty-ffhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6538?format=api", "vulnerability_id": "VCID-5y32-wcg3-sybr", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3169", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30773", "scoring_system": "epss", "scoring_elements": "0.96825", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.30773", "scoring_system": "epss", "scoring_elements": "0.96828", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.30773", "scoring_system": "epss", "scoring_elements": "0.9682", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.30773", "scoring_system": "epss", "scoring_elements": "0.96829", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197", "reference_id": "1463197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197" }, { "reference_url": "https://security.archlinux.org/ASA-201706-34", "reference_id": "ASA-201706-34", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-34" }, { "reference_url": "https://security.archlinux.org/AVG-316", "reference_id": "AVG-316", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-316" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-3169.json", "reference_id": "CVE-2017-3169", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-3169.json" }, { "reference_url": "https://security.gentoo.org/glsa/201710-32", "reference_id": "GLSA-201710-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2478", "reference_id": "RHSA-2017:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2479", "reference_id": "RHSA-2017:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2483", "reference_id": "RHSA-2017:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3193", "reference_id": "RHSA-2017:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3194", "reference_id": "RHSA-2017:3194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3195", "reference_id": "RHSA-2017:3195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3475", "reference_id": "RHSA-2017:3475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3476", "reference_id": "RHSA-2017:3476", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3476" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3477", "reference_id": "RHSA-2017:3477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3477" }, { "reference_url": "https://usn.ubuntu.com/3340-1/", "reference_id": "USN-3340-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3340-1/" }, { "reference_url": "https://usn.ubuntu.com/3373-1/", "reference_id": "USN-3373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74995?format=api", "purl": "pkg:apache/httpd@2.2.34", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-j5r1-q5tv-xqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34" }, { "url": "http://public2.vulnerablecode.io/api/packages/74996?format=api", "purl": "pkg:apache/httpd@2.4.26", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-4e1g-urtc-9bd8" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-54u4-szhc-zycj" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5sf7-wq36-5ye3" }, { "vulnerability": "VCID-62uq-vyd8-mfbt" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7bxa-rkrq-dyf7" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-eueu-bt2r-xfaa" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nxt8-4r1p-kuab" }, { "vulnerability": "VCID-ny3v-m8gs-3bf2" }, { "vulnerability": "VCID-pfpr-8td6-t7dc" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-t9kh-3weu-qugs" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-ykyn-menc-kbfa" }, { "vulnerability": "VCID-yvfg-1nhp-qqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26" } ], "aliases": [ "CVE-2017-3169" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5y32-wcg3-sybr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51044?format=api", "vulnerability_id": "VCID-6b2z-q7qe-gbeg", "summary": "A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0098", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.50788", "scoring_system": "epss", "scoring_elements": "0.97907", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.50788", "scoring_system": "epss", "scoring_elements": "0.97911", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.50788", "scoring_system": "epss", "scoring_elements": "0.97912", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.50788", "scoring_system": "epss", "scoring_elements": "0.97913", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0098" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077871", "reference_id": "1077871", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077871" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2014-0098.json", "reference_id": "CVE-2014-0098", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2014-0098.json" }, { "reference_url": "https://security.gentoo.org/glsa/201408-12", "reference_id": "GLSA-201408-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0369", "reference_id": "RHSA-2014:0369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0370", "reference_id": "RHSA-2014:0370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0783", "reference_id": "RHSA-2014:0783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0784", "reference_id": "RHSA-2014:0784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0825", "reference_id": "RHSA-2014:0825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0826", "reference_id": "RHSA-2014:0826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0826" }, { "reference_url": "https://usn.ubuntu.com/2152-1/", "reference_id": "USN-2152-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2152-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74980?format=api", "purl": "pkg:apache/httpd@2.2.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/74981?format=api", "purl": "pkg:apache/httpd@2.4.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-875s-qd97-wbga" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-9dw1-6m3c-syd1" }, { "vulnerability": "VCID-9hz8-j6ce-2bca" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-aj4u-27vr-9ugt" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-nyqj-yfjw-23dd" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-pzum-j7as-bkbk" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-snas-xc79-mkge" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-tmjs-99hk-syat" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-xd6e-12jd-pufb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.9" } ], "aliases": [ "CVE-2014-0098" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6b2z-q7qe-gbeg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51026?format=api", "vulnerability_id": "VCID-72zv-psyw-vbh7", "summary": "An exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker. No update of 1.3 will be released.\nPatches will be published to https://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3368", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.76893", "scoring_system": "epss", "scoring_elements": "0.98976", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.76893", "scoring_system": "epss", "scoring_elements": "0.98977", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.76893", "scoring_system": "epss", "scoring_elements": "0.98979", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.76893", "scoring_system": "epss", "scoring_elements": "0.98978", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3368" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=740045", "reference_id": "740045", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=740045" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2011-3368.json", "reference_id": "CVE-2011-3368", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2011-3368.json" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py", "reference_id": "CVE-2011-3368;OSVDB-76079", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1391", "reference_id": "RHSA-2011:1391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1392", "reference_id": "RHSA-2011:1392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0542", "reference_id": "RHSA-2012:0542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0543", "reference_id": "RHSA-2012:0543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0543" }, { "reference_url": "https://usn.ubuntu.com/1259-1/", "reference_id": "USN-1259-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1259-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74969?format=api", "purl": "pkg:apache/httpd@2.2.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22" } ], "aliases": [ "CVE-2011-3368" ], "risk_score": 9.6, "exploitability": "2.0", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-72zv-psyw-vbh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51037?format=api", "vulnerability_id": "VCID-7pxs-sc8s-8fg2", "summary": "A XSS flaw affected the mod_proxy_balancer manager interface.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4558.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4558.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4558", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.58223", "scoring_system": "epss", "scoring_elements": "0.98222", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.58223", "scoring_system": "epss", "scoring_elements": "0.98224", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.58223", "scoring_system": "epss", "scoring_elements": "0.98225", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.58223", "scoring_system": "epss", "scoring_elements": "0.98226", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4558" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=915884", "reference_id": "915884", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=915884" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2012-4558.json", "reference_id": "CVE-2012-4558", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2012-4558.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0815", "reference_id": "RHSA-2013:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1011", "reference_id": "RHSA-2013:1011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1012", "reference_id": "RHSA-2013:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1013", "reference_id": "RHSA-2013:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1207", "reference_id": "RHSA-2013:1207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1208", "reference_id": "RHSA-2013:1208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1209", "reference_id": "RHSA-2013:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1209" }, { "reference_url": "https://usn.ubuntu.com/1765-1/", "reference_id": "USN-1765-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1765-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74974?format=api", "purl": "pkg:apache/httpd@2.2.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/74975?format=api", "purl": "pkg:apache/httpd@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-26s8-29m8-s7cy" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-875s-qd97-wbga" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-9hz8-j6ce-2bca" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-aj4u-27vr-9ugt" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-nyqj-yfjw-23dd" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-pzum-j7as-bkbk" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-snas-xc79-mkge" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-xd6e-12jd-pufb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.4" } ], "aliases": [ "CVE-2012-4558" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7pxs-sc8s-8fg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51048?format=api", "vulnerability_id": "VCID-8qu7-pwaj-yqhq", "summary": "A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0231", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.44151", "scoring_system": "epss", "scoring_elements": "0.97614", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.44151", "scoring_system": "epss", "scoring_elements": "0.97618", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.44151", "scoring_system": "epss", "scoring_elements": "0.9762", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.44151", "scoring_system": "epss", "scoring_elements": "0.97619", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.44151", "scoring_system": "epss", "scoring_elements": "0.97621", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120596", "reference_id": "1120596", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120596" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2014-0231.json", "reference_id": "CVE-2014-0231", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2014-0231.json" }, { "reference_url": "https://security.gentoo.org/glsa/201504-03", "reference_id": "GLSA-201504-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0920", "reference_id": "RHSA-2014:0920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0921", "reference_id": "RHSA-2014:0921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0922", "reference_id": "RHSA-2014:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1019", "reference_id": "RHSA-2014:1019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1020", "reference_id": "RHSA-2014:1020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1021", "reference_id": "RHSA-2014:1021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1086", "reference_id": "RHSA-2014:1086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1087", "reference_id": "RHSA-2014:1087", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1087" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1088", "reference_id": "RHSA-2014:1088", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1088" }, { "reference_url": "https://usn.ubuntu.com/2299-1/", "reference_id": "USN-2299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74983?format=api", "purl": "pkg:apache/httpd@2.2.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/74982?format=api", "purl": "pkg:apache/httpd@2.4.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-875s-qd97-wbga" }, { "vulnerability": "VCID-9hz8-j6ce-2bca" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-aj4u-27vr-9ugt" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-nyqj-yfjw-23dd" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-pzum-j7as-bkbk" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-tmjs-99hk-syat" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-x5nj-5bsv-aqeh" }, { "vulnerability": "VCID-xd6e-12jd-pufb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10" } ], "aliases": [ "CVE-2014-0231" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8qu7-pwaj-yqhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51011?format=api", "vulnerability_id": "VCID-96zk-7c51-vke8", "summary": "A NULL pointer dereference flaw was found in the mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3094.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3094", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86479", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86455", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86478", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86475", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86474", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02833", "scoring_system": "epss", "scoring_elements": "0.86461", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3094" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=521619", "reference_id": "521619", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=521619" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951", "reference_id": "545951", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3094.json", "reference_id": "CVE-2009-3094", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3094.json" }, { "reference_url": "https://usn.ubuntu.com/860-1/", "reference_id": "USN-860-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/860-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74957?format=api", "purl": "pkg:apache/httpd@2.2.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-425q-pchy-2yfg" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-e8cs-fvsy-b7dd" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-gp4e-v2qw-rbh2" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t1ad-c6y2-rueb" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-x7n6-pzrs-nugs" }, { "vulnerability": "VCID-xpkn-zawt-ruh4" }, { "vulnerability": "VCID-yekj-h6m9-nkbj" }, { "vulnerability": "VCID-ywm9-1fbh-5qen" }, { "vulnerability": "VCID-yyhr-sksr-4fdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14" } ], "aliases": [ "CVE-2009-3094" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-96zk-7c51-vke8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51039?format=api", "vulnerability_id": "VCID-b44m-f3y9-kqag", "summary": "Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.43961", "scoring_system": "epss", "scoring_elements": "0.97605", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.43961", "scoring_system": "epss", "scoring_elements": "0.97609", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.43961", "scoring_system": "epss", "scoring_elements": "0.97611", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.43961", "scoring_system": "epss", "scoring_elements": "0.9761", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.43961", "scoring_system": "epss", "scoring_elements": "0.97613", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1896" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272", "reference_id": "717272", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=983549", "reference_id": "983549", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=983549" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2013-1896.json", "reference_id": "CVE-2013-1896", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2013-1896.json" }, { "reference_url": "https://security.gentoo.org/glsa/201309-12", "reference_id": "GLSA-201309-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1133", "reference_id": "RHSA-2013:1133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1134", "reference_id": "RHSA-2013:1134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1156", "reference_id": "RHSA-2013:1156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1207", "reference_id": "RHSA-2013:1207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1208", "reference_id": "RHSA-2013:1208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1209", "reference_id": "RHSA-2013:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1209" }, { "reference_url": "https://usn.ubuntu.com/1903-1/", "reference_id": "USN-1903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74976?format=api", "purl": "pkg:apache/httpd@2.2.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/74977?format=api", "purl": "pkg:apache/httpd@2.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-875s-qd97-wbga" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-9dw1-6m3c-syd1" }, { "vulnerability": "VCID-9hz8-j6ce-2bca" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-aj4u-27vr-9ugt" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-nyqj-yfjw-23dd" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-pzum-j7as-bkbk" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-snas-xc79-mkge" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-vg84-brwd-bkez" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-xd6e-12jd-pufb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.6" } ], "aliases": [ "CVE-2013-1896" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b44m-f3y9-kqag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51012?format=api", "vulnerability_id": "VCID-bhfc-b64s-yue4", "summary": "A flaw was found in the mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3095.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3095", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03845", "scoring_system": "epss", "scoring_elements": "0.884", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03845", "scoring_system": "epss", "scoring_elements": "0.88418", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03845", "scoring_system": "epss", "scoring_elements": "0.8842", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03845", "scoring_system": "epss", "scoring_elements": "0.88419", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.03845", "scoring_system": "epss", "scoring_elements": "0.88435", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3095" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=522209", "reference_id": "522209", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=522209" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951", "reference_id": "545951", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=545951" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3095.json", "reference_id": "CVE-2009-3095", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3095.json" }, { "reference_url": "https://usn.ubuntu.com/860-1/", "reference_id": "USN-860-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/860-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74957?format=api", "purl": "pkg:apache/httpd@2.2.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-425q-pchy-2yfg" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-e8cs-fvsy-b7dd" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-gp4e-v2qw-rbh2" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t1ad-c6y2-rueb" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-x7n6-pzrs-nugs" }, { "vulnerability": "VCID-xpkn-zawt-ruh4" }, { "vulnerability": "VCID-yekj-h6m9-nkbj" }, { "vulnerability": "VCID-ywm9-1fbh-5qen" }, { "vulnerability": "VCID-yyhr-sksr-4fdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14" } ], "aliases": [ "CVE-2009-3095" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bhfc-b64s-yue4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51024?format=api", "vulnerability_id": "VCID-cqa7-5n1m-4kem", "summary": "A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. This could be used in a denial of service attack. Advisory: CVE-2011-3192.txt", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3192", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.90456", "scoring_system": "epss", "scoring_elements": "0.99626", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.90456", "scoring_system": "epss", "scoring_elements": "0.99625", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.90865", "scoring_system": "epss", "scoring_elements": "0.99645", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928", "reference_id": "732928", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732928" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2011-3192.json", "reference_id": "CVE-2011-3192", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2011-3192.json" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c", "reference_id": "CVE-2014-5329;OSVDB-74721;CVE-2011-3192", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl", "reference_id": "CVE-2014-5329;OSVDB-74721;CVE-2011-3192", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1245", "reference_id": "RHSA-2011:1245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1294", "reference_id": "RHSA-2011:1294", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1294" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1300", "reference_id": "RHSA-2011:1300", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1300" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1329", "reference_id": "RHSA-2011:1329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1330", "reference_id": "RHSA-2011:1330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1330" }, { "reference_url": "https://usn.ubuntu.com/1199-1/", "reference_id": "USN-1199-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1199-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74967?format=api", "purl": "pkg:apache/httpd@2.2.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-yqbj-upd2-fbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.20" } ], "aliases": [ "CVE-2011-3192" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cqa7-5n1m-4kem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51034?format=api", "vulnerability_id": "VCID-csqk-utue-9yeq", "summary": "Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3499.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3499.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3499", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21581", "scoring_system": "epss", "scoring_elements": "0.95829", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.21581", "scoring_system": "epss", "scoring_elements": "0.95833", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.21581", "scoring_system": "epss", "scoring_elements": "0.95836", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.21581", "scoring_system": "epss", "scoring_elements": "0.95837", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.21581", "scoring_system": "epss", "scoring_elements": "0.95841", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=915883", "reference_id": "915883", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=915883" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2012-3499.json", "reference_id": "CVE-2012-3499", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2012-3499.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0815", "reference_id": "RHSA-2013:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1011", "reference_id": "RHSA-2013:1011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1012", "reference_id": "RHSA-2013:1012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1013", "reference_id": "RHSA-2013:1013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1207", "reference_id": "RHSA-2013:1207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1208", "reference_id": "RHSA-2013:1208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1209", "reference_id": "RHSA-2013:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1209" }, { "reference_url": "https://usn.ubuntu.com/1765-1/", "reference_id": "USN-1765-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1765-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74974?format=api", "purl": "pkg:apache/httpd@2.2.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/74975?format=api", "purl": "pkg:apache/httpd@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-26s8-29m8-s7cy" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-875s-qd97-wbga" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-9hz8-j6ce-2bca" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-aj4u-27vr-9ugt" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-nyqj-yfjw-23dd" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-pzum-j7as-bkbk" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-snas-xc79-mkge" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-xd6e-12jd-pufb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.4" } ], "aliases": [ "CVE-2012-3499" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-csqk-utue-9yeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51028?format=api", "vulnerability_id": "VCID-da7f-7vn1-gffu", "summary": "An additional exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4317.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4317.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4317", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.77975", "scoring_system": "epss", "scoring_elements": "0.9903", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.79449", "scoring_system": "epss", "scoring_elements": "0.99103", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.79449", "scoring_system": "epss", "scoring_elements": "0.99104", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.79449", "scoring_system": "epss", "scoring_elements": "0.99105", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=756483", "reference_id": "756483", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=756483" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2011-4317.json", "reference_id": "CVE-2011-4317", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2011-4317.json" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36352.txt", "reference_id": "CVE-2011-4317;OSVDB-77310", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36352.txt" }, { "reference_url": "https://www.securityfocus.com/bid/50802/info", "reference_id": "CVE-2011-4317;OSVDB-77310", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/50802/info" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0128", "reference_id": "RHSA-2012:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0128" }, { "reference_url": "https://usn.ubuntu.com/1368-1/", "reference_id": "USN-1368-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1368-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74969?format=api", "purl": "pkg:apache/httpd@2.2.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22" } ], "aliases": [ "CVE-2011-4317" ], "risk_score": 9.6, "exploitability": "2.0", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-da7f-7vn1-gffu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51062?format=api", "vulnerability_id": "VCID-duan-fz4r-uydy", "summary": "HTTP_PROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the \"HTTP_PROXY\" variable from a \"Proxy:\" header, which has never been registered by IANA. This workaround and patch are documented in the ASF Advisory at asf-httpoxy-response.txt and incorporated in the 2.4.25 and 2.2.32 releases. Note: This is not assigned an httpd severity, as it is a defect in other software which overloaded well-established CGI environment variables, and does not reflect an error in HTTP server software.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.51564", "scoring_system": "epss", "scoring_elements": "0.97945", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.51564", "scoring_system": "epss", "scoring_elements": "0.97948", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.51564", "scoring_system": "epss", "scoring_elements": "0.97949", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353755", "reference_id": "1353755", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353755" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2016-5387.json", "reference_id": "CVE-2016-5387", "reference_type": "", "scores": [ { "value": "n/a", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2016-5387.json" }, { "reference_url": "https://security.gentoo.org/glsa/201701-36", "reference_id": "GLSA-201701-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1420", "reference_id": "RHSA-2016:1420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1421", "reference_id": "RHSA-2016:1421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1422", "reference_id": "RHSA-2016:1422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1625", "reference_id": "RHSA-2016:1625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1648", "reference_id": "RHSA-2016:1648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1649", "reference_id": "RHSA-2016:1649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1650", "reference_id": "RHSA-2016:1650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1851", "reference_id": "RHSA-2016:1851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1851" }, { "reference_url": "https://usn.ubuntu.com/3038-1/", "reference_id": "USN-3038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3038-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74994?format=api", "purl": "pkg:apache/httpd@2.2.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-pj23-hhvw-6ucr" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-um53-bb17-93fp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/74993?format=api", "purl": "pkg:apache/httpd@2.4.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-3cam-1afg-9bdv" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-54u4-szhc-zycj" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5sf7-wq36-5ye3" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-62uq-vyd8-mfbt" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7bxa-rkrq-dyf7" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-eueu-bt2r-xfaa" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nxt8-4r1p-kuab" }, { "vulnerability": "VCID-ny3v-m8gs-3bf2" }, { "vulnerability": "VCID-pfpr-8td6-t7dc" }, { "vulnerability": "VCID-pj23-hhvw-6ucr" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-t9kh-3weu-qugs" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-ykyn-menc-kbfa" }, { "vulnerability": "VCID-yvfg-1nhp-qqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25" } ], "aliases": [ "CVE-2016-5387" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-duan-fz4r-uydy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51020?format=api", "vulnerability_id": "VCID-e8cs-fvsy-b7dd", "summary": "A flaw was found in the apr_brigade_split_line() function of the bundled APR-util library, used to process non-SSL requests. A remote attacker could send requests, carefully crafting the timing of individual bytes, which would slowly consume memory, potentially leading to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1623.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1623", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.28285", "scoring_system": "epss", "scoring_elements": "0.96591", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.28285", "scoring_system": "epss", "scoring_elements": "0.96594", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.28285", "scoring_system": "epss", "scoring_elements": "0.96599", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.28285", "scoring_system": "epss", "scoring_elements": "0.96598", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.28285", "scoring_system": "epss", "scoring_elements": "0.96604", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=640281", "reference_id": "640281", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640281" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2010-1623.json", "reference_id": "CVE-2010-1623", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2010-1623.json" }, { "reference_url": "https://security.gentoo.org/glsa/201405-24", "reference_id": "GLSA-201405-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201405-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0950", "reference_id": "RHSA-2010:0950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0950" }, { "reference_url": "https://usn.ubuntu.com/1021-1/", "reference_id": "USN-1021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1021-1/" }, { "reference_url": "https://usn.ubuntu.com/1022-1/", "reference_id": "USN-1022-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1022-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74960?format=api", "purl": "pkg:apache/httpd@2.2.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t1ad-c6y2-rueb" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-yqbj-upd2-fbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17" } ], "aliases": [ "CVE-2010-1623" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e8cs-fvsy-b7dd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51027?format=api", "vulnerability_id": "VCID-eb5e-gswe-r7ac", "summary": "An integer overflow flaw was found which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3607", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.4769", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47624", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47688", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47672", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69627", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69606", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=769844", "reference_id": "769844", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=769844" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2011-3607.json", "reference_id": "CVE-2011-3607", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2011-3607.json" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt", "reference_id": "CVE-2011-4415;CVE-2011-3607", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt" }, { "reference_url": "http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/", "reference_id": "CVE-2011-4415;CVE-2011-3607", "reference_type": "exploit", "scores": [], "url": "http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0128", "reference_id": "RHSA-2012:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0323", "reference_id": "RHSA-2012:0323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0542", "reference_id": "RHSA-2012:0542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0543", "reference_id": "RHSA-2012:0543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0543" }, { "reference_url": "https://usn.ubuntu.com/1368-1/", "reference_id": "USN-1368-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1368-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74969?format=api", "purl": "pkg:apache/httpd@2.2.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22" } ], "aliases": [ "CVE-2011-3607" ], "risk_score": 4.2, "exploitability": "2.0", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eb5e-gswe-r7ac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51033?format=api", "vulnerability_id": "VCID-f4m5-bj25-pbhy", "summary": "Possible XSS for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled. Note: This issue is also known as CVE-2008-0455.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2687.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2687.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2687", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0466", "scoring_system": "epss", "scoring_elements": "0.89534", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.0466", "scoring_system": "epss", "scoring_elements": "0.89516", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0466", "scoring_system": "epss", "scoring_elements": "0.89518", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.08268", "scoring_system": "epss", "scoring_elements": "0.92391", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.08268", "scoring_system": "epss", "scoring_elements": "0.92381", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.08268", "scoring_system": "epss", "scoring_elements": "0.92395", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=850794", "reference_id": "850794", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=850794" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2012-2687.json", "reference_id": "CVE-2012-2687", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2012-2687.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1591", "reference_id": "RHSA-2012:1591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1592", "reference_id": "RHSA-2012:1592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1594", "reference_id": "RHSA-2012:1594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0130", "reference_id": "RHSA-2013:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0512", "reference_id": "RHSA-2013:0512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0512" }, { "reference_url": "https://usn.ubuntu.com/1627-1/", "reference_id": "USN-1627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1627-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74971?format=api", "purl": "pkg:apache/httpd@2.2.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/74973?format=api", "purl": "pkg:apache/httpd@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-26s8-29m8-s7cy" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-875s-qd97-wbga" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-9hz8-j6ce-2bca" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-aj4u-27vr-9ugt" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-nyqj-yfjw-23dd" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-pzum-j7as-bkbk" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-snas-xc79-mkge" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-xd6e-12jd-pufb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.3" } ], "aliases": [ "CVE-2012-2687" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f4m5-bj25-pbhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51042?format=api", "vulnerability_id": "VCID-fg75-4dwv-9qb5", "summary": "HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. This fix adds the \"MergeTrailers\" directive to restore legacy behavior.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.65044", "scoring_system": "epss", "scoring_elements": "0.98494", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.65044", "scoring_system": "epss", "scoring_elements": "0.98497", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.65044", "scoring_system": "epss", "scoring_elements": "0.98496", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082903", "reference_id": "1082903", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082903" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2013-5704.json", "reference_id": "CVE-2013-5704", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2013-5704.json" }, { "reference_url": "https://security.gentoo.org/glsa/201504-03", "reference_id": "GLSA-201504-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1972", "reference_id": "RHSA-2014:1972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0325", "reference_id": "RHSA-2015:0325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1249", "reference_id": "RHSA-2015:1249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2661", "reference_id": "RHSA-2015:2661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0061", "reference_id": "RHSA-2016:0061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0062", "reference_id": "RHSA-2016:0062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0062" }, { "reference_url": "https://usn.ubuntu.com/2523-1/", "reference_id": "USN-2523-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2523-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74983?format=api", "purl": "pkg:apache/httpd@2.2.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/74984?format=api", "purl": "pkg:apache/httpd@2.4.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-aj4u-27vr-9ugt" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-jyh8-j4vf-8fgs" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-nyqj-yfjw-23dd" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-pzum-j7as-bkbk" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-tmjs-99hk-syat" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-xd6e-12jd-pufb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.12" } ], "aliases": [ "CVE-2013-5704" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fg75-4dwv-9qb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51017?format=api", "vulnerability_id": "VCID-gp4e-v2qw-rbh2", "summary": "A flaw was found with within mod_isapi which would attempt to unload the ISAPI dll when it encountered various error states. This could leave the callbacks in an undefined state and result in a segfault. On Windows platforms using mod_isapi, a remote attacker could send a malicious request to trigger this issue, and as win32 MPM runs only one process, this would result in a denial of service, and potentially allow arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0425", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86822", "scoring_system": "epss", "scoring_elements": "0.99443", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.86822", "scoring_system": "epss", "scoring_elements": "0.99444", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.86822", "scoring_system": "epss", "scoring_elements": "0.99445", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0425" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2010-0425.json", "reference_id": "CVE-2010-0425", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2010-0425.json" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c", "reference_id": "CVE-2010-0425;OSVDB-62674", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/11650.c" }, { "reference_url": "http://www.senseofsecurity.com.au/advisories/SOS-10-002", "reference_id": "CVE-2010-0425;OSVDB-62674", "reference_type": "exploit", "scores": [], "url": "http://www.senseofsecurity.com.au/advisories/SOS-10-002" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74958?format=api", "purl": "pkg:apache/httpd@2.2.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-425q-pchy-2yfg" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-e8cs-fvsy-b7dd" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t1ad-c6y2-rueb" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-x7n6-pzrs-nugs" }, { "vulnerability": "VCID-yekj-h6m9-nkbj" }, { "vulnerability": "VCID-yyhr-sksr-4fdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15" } ], "aliases": [ "CVE-2010-0425" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gp4e-v2qw-rbh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6470?format=api", "vulnerability_id": "VCID-j5r1-q5tv-xqcp", "summary": "information disclosure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9798", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.9384", "scoring_system": "epss", "scoring_elements": "0.99874", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344", "reference_id": "1490344", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109", "reference_id": "876109", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109" }, { "reference_url": "https://security.archlinux.org/ASA-201709-15", "reference_id": "ASA-201709-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201709-15" }, { "reference_url": "https://security.archlinux.org/AVG-404", "reference_id": "AVG-404", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-404" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-9798.json", "reference_id": "CVE-2017-9798", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-9798.json" }, { "reference_url": "https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed", "reference_id": "CVE-2017-9798;OPTIONSBLEED", "reference_type": "exploit", "scores": [], "url": "https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py", "reference_id": "CVE-2017-9798;OPTIONSBLEED", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-32", "reference_id": "GLSA-201710-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2882", "reference_id": "RHSA-2017:2882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2972", "reference_id": "RHSA-2017:2972", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2972" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3018", "reference_id": "RHSA-2017:3018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3193", "reference_id": "RHSA-2017:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3194", "reference_id": "RHSA-2017:3194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3195", "reference_id": "RHSA-2017:3195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3239", "reference_id": "RHSA-2017:3239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3240", "reference_id": "RHSA-2017:3240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3475", "reference_id": "RHSA-2017:3475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3476", "reference_id": "RHSA-2017:3476", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3476" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3477", "reference_id": "RHSA-2017:3477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3477" }, { "reference_url": "https://usn.ubuntu.com/3425-1/", "reference_id": "USN-3425-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3425-1/" }, { "reference_url": "https://usn.ubuntu.com/3425-2/", "reference_id": "USN-3425-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3425-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74998?format=api", "purl": "pkg:apache/httpd@2.4.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-54u4-szhc-zycj" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5sf7-wq36-5ye3" }, { "vulnerability": "VCID-62uq-vyd8-mfbt" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7bxa-rkrq-dyf7" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-eueu-bt2r-xfaa" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nxt8-4r1p-kuab" }, { "vulnerability": "VCID-ny3v-m8gs-3bf2" }, { "vulnerability": "VCID-pfpr-8td6-t7dc" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-t9kh-3weu-qugs" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-ykyn-menc-kbfa" }, { "vulnerability": "VCID-yvfg-1nhp-qqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.28" } ], "aliases": [ "CVE-2017-9798" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j5r1-q5tv-xqcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51025?format=api", "vulnerability_id": "VCID-kb48-61na-cyap", "summary": "A flaw was found when mod_proxy_ajp is used together with mod_proxy_balancer. Given a specific configuration, a remote attacker could send certain malformed HTTP requests, putting a backend server into an error state until the retry timeout expired. This could lead to a temporary denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3348.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3348.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3348", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.34026", "scoring_system": "epss", "scoring_elements": "0.97061", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.34026", "scoring_system": "epss", "scoring_elements": "0.97065", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.34026", "scoring_system": "epss", "scoring_elements": "0.97067", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.34026", "scoring_system": "epss", "scoring_elements": "0.97069", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.34026", "scoring_system": "epss", "scoring_elements": "0.97072", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=736690", "reference_id": "736690", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=736690" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2011-3348.json", "reference_id": "CVE-2011-3348", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2011-3348.json" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1391", "reference_id": "RHSA-2011:1391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0542", "reference_id": "RHSA-2012:0542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0543", "reference_id": "RHSA-2012:0543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0543" }, { "reference_url": "https://usn.ubuntu.com/1259-1/", "reference_id": "USN-1259-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1259-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74968?format=api", "purl": "pkg:apache/httpd@2.2.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-yqbj-upd2-fbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.21" } ], "aliases": [ "CVE-2011-3348" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kb48-61na-cyap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51038?format=api", "vulnerability_id": "VCID-m4t4-3fjk-s3gq", "summary": "mod_rewrite does not filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1862", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.52396", "scoring_system": "epss", "scoring_elements": "0.97981", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.52396", "scoring_system": "epss", "scoring_elements": "0.97984", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.52396", "scoring_system": "epss", "scoring_elements": "0.97983", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.52396", "scoring_system": "epss", "scoring_elements": "0.97982", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1862" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=953729", "reference_id": "953729", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953729" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2013-1862.json", "reference_id": "CVE-2013-1862", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2013-1862.json" }, { "reference_url": "https://security.gentoo.org/glsa/201309-12", "reference_id": "GLSA-201309-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0815", "reference_id": "RHSA-2013:0815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1133", "reference_id": "RHSA-2013:1133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1134", "reference_id": "RHSA-2013:1134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1207", "reference_id": "RHSA-2013:1207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1208", "reference_id": "RHSA-2013:1208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1209", "reference_id": "RHSA-2013:1209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1209" }, { "reference_url": "https://usn.ubuntu.com/1903-1/", "reference_id": "USN-1903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74976?format=api", "purl": "pkg:apache/httpd@2.2.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.25" } ], "aliases": [ "CVE-2013-1862" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m4t4-3fjk-s3gq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51064?format=api", "vulnerability_id": "VCID-nn89-pb36-v7ds", "summary": "Apache HTTP Server, prior to release 2.4.25 (and 2.2.32), accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated as whitespace and remained in the request field member \"the_request\", while a bare CR in the request header field name would be honored as whitespace, and a bare CR in the request header field value was retained the input headers array. Implied additional whitespace was accepted in the request line and prior to the ':' delimiter of any request header lines.\nRFC7230 Section 3.5 calls out some of these whitespace exceptions, and section 3.2.3 eliminated and clarified the role of implied whitespace in the grammer of this specification. Section 3.1.1 requires exactly one single SP between the method and request-target, and between the request-target and HTTP-version, followed immediately by a CRLF sequence. None of these fields permit any (unencoded) CTL character whatsoever. Section 3.2.4 explicitly disallowed any whitespace from the request header field prior to the ':' character, while Section 3.2 disallows all CTL characters in the request header line other than the HTAB character as whitespace.\nThese defects represent a security concern when httpd is participating in any chain of proxies or interacting with back-end application servers, either through mod_proxy or using conventional CGI mechanisms. In each case where one agent accepts such CTL characters and does not treat them as whitespace, there is the possiblity in a proxy chain of generating two responses from a server behind the uncautious proxy agent. In a sequence of two requests, this results in request A to the first proxy being interpreted as requests A + A' by the backend server, and if requests A and B were submitted to the first proxy in a keepalive connection, the proxy may interpret response A' as the response to request B, polluting the cache or potentially serving the A' content to a different downstream user-agent.\nThese defects are addressed with the release of Apache HTTP Server 2.4.25 and coordinated by a new directive; HttpProtocolOptions Strict which is the default behavior of 2.4.25 and later.\nBy toggling from 'Strict' behavior to 'Unsafe' behavior, some of the restrictions may be relaxed to allow some invalid HTTP/1.1 clients to communicate with the server, but this will reintroduce the possibility of the problems described in this assessment. Note that relaxing the behavior to 'Unsafe' will still not permit raw CTLs other than HTAB (where permitted), but will allow other RFC requirements to not be enforced, such as exactly two SP characters in the request line.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8743", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0978", "scoring_system": "epss", "scoring_elements": "0.931", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0978", "scoring_system": "epss", "scoring_elements": "0.93105", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0978", "scoring_system": "epss", "scoring_elements": "0.9311", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0978", "scoring_system": "epss", "scoring_elements": "0.93107", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0978", "scoring_system": "epss", "scoring_elements": "0.93111", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406822", "reference_id": "1406822", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406822" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2016-8743.json", "reference_id": "CVE-2016-8743", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2016-8743.json" }, { "reference_url": "https://security.gentoo.org/glsa/201701-36", "reference_id": "GLSA-201701-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0906", "reference_id": "RHSA-2017:0906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1161", "reference_id": "RHSA-2017:1161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1413", "reference_id": "RHSA-2017:1413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1414", "reference_id": "RHSA-2017:1414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1415", "reference_id": "RHSA-2017:1415", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1415" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1721", "reference_id": "RHSA-2017:1721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1721" }, { "reference_url": "https://usn.ubuntu.com/3279-1/", "reference_id": "USN-3279-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3279-1/" }, { "reference_url": "https://usn.ubuntu.com/3373-1/", "reference_id": "USN-3373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74994?format=api", "purl": "pkg:apache/httpd@2.2.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-pj23-hhvw-6ucr" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-um53-bb17-93fp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/74993?format=api", "purl": "pkg:apache/httpd@2.4.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-3cam-1afg-9bdv" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-54u4-szhc-zycj" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5sf7-wq36-5ye3" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-62uq-vyd8-mfbt" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7bxa-rkrq-dyf7" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-eueu-bt2r-xfaa" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nxt8-4r1p-kuab" }, { "vulnerability": "VCID-ny3v-m8gs-3bf2" }, { "vulnerability": "VCID-pfpr-8td6-t7dc" }, { "vulnerability": "VCID-pj23-hhvw-6ucr" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-t9kh-3weu-qugs" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-ykyn-menc-kbfa" }, { "vulnerability": "VCID-yvfg-1nhp-qqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25" } ], "aliases": [ "CVE-2016-8743" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nn89-pb36-v7ds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51030?format=api", "vulnerability_id": "VCID-pmn2-fj7y-ubha", "summary": "A flaw was found in the handling of the scoreboard. An unprivileged child process could cause the parent process to crash at shutdown rather than terminate cleanly.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0031", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01044", "scoring_system": "epss", "scoring_elements": "0.77849", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01044", "scoring_system": "epss", "scoring_elements": "0.77816", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01044", "scoring_system": "epss", "scoring_elements": "0.77843", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01044", "scoring_system": "epss", "scoring_elements": "0.7784", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01499", "scoring_system": "epss", "scoring_elements": "0.81498", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.01499", "scoring_system": "epss", "scoring_elements": "0.81482", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0031" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=773744", "reference_id": "773744", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=773744" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt", "reference_id": "CVE-2012-0031", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2012-0031.json", "reference_id": "CVE-2012-0031", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2012-0031.json" }, { "reference_url": "http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/", "reference_id": "CVE-2012-0031", "reference_type": "exploit", "scores": [], "url": "http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0128", "reference_id": "RHSA-2012:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0323", "reference_id": "RHSA-2012:0323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0542", "reference_id": "RHSA-2012:0542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0543", "reference_id": "RHSA-2012:0543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0543" }, { "reference_url": "https://usn.ubuntu.com/1368-1/", "reference_id": "USN-1368-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1368-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74969?format=api", "purl": "pkg:apache/httpd@2.2.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22" } ], "aliases": [ "CVE-2012-0031" ], "risk_score": 4.2, "exploitability": "2.0", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pmn2-fj7y-ubha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6539?format=api", "vulnerability_id": "VCID-ps1g-6hy7-87dr", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3167", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08717", "scoring_system": "epss", "scoring_elements": "0.92639", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.08717", "scoring_system": "epss", "scoring_elements": "0.92645", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.08717", "scoring_system": "epss", "scoring_elements": "0.92636", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.08717", "scoring_system": "epss", "scoring_elements": "0.92649", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.08717", "scoring_system": "epss", "scoring_elements": "0.9264", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:N" }, { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194", "reference_id": "1463194", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194" }, { "reference_url": "https://security.archlinux.org/ASA-201706-34", "reference_id": "ASA-201706-34", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-34" }, { "reference_url": "https://security.archlinux.org/AVG-316", "reference_id": "AVG-316", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-316" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-3167.json", "reference_id": "CVE-2017-3167", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-3167.json" }, { "reference_url": "https://security.gentoo.org/glsa/201710-32", "reference_id": "GLSA-201710-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2478", "reference_id": "RHSA-2017:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2479", "reference_id": "RHSA-2017:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2483", "reference_id": "RHSA-2017:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3193", "reference_id": "RHSA-2017:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3194", "reference_id": "RHSA-2017:3194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3195", "reference_id": "RHSA-2017:3195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3475", "reference_id": "RHSA-2017:3475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3476", "reference_id": "RHSA-2017:3476", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3476" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3477", "reference_id": "RHSA-2017:3477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3477" }, { "reference_url": "https://usn.ubuntu.com/3340-1/", "reference_id": "USN-3340-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3340-1/" }, { "reference_url": "https://usn.ubuntu.com/3373-1/", "reference_id": "USN-3373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74995?format=api", "purl": "pkg:apache/httpd@2.2.34", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-j5r1-q5tv-xqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34" }, { "url": "http://public2.vulnerablecode.io/api/packages/74996?format=api", "purl": "pkg:apache/httpd@2.4.26", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-4e1g-urtc-9bd8" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-54u4-szhc-zycj" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5sf7-wq36-5ye3" }, { "vulnerability": "VCID-62uq-vyd8-mfbt" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7bxa-rkrq-dyf7" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-eueu-bt2r-xfaa" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nxt8-4r1p-kuab" }, { "vulnerability": "VCID-ny3v-m8gs-3bf2" }, { "vulnerability": "VCID-pfpr-8td6-t7dc" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-t9kh-3weu-qugs" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-ykyn-menc-kbfa" }, { "vulnerability": "VCID-yvfg-1nhp-qqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26" } ], "aliases": [ "CVE-2017-3167" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ps1g-6hy7-87dr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51047?format=api", "vulnerability_id": "VCID-rhy7-r84u-gbfc", "summary": "A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0226", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.75444", "scoring_system": "epss", "scoring_elements": "0.98909", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.75444", "scoring_system": "epss", "scoring_elements": "0.98911", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.75444", "scoring_system": "epss", "scoring_elements": "0.98912", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.75444", "scoring_system": "epss", "scoring_elements": "0.9891", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.75444", "scoring_system": "epss", "scoring_elements": "0.98908", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120603", "reference_id": "1120603", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120603" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2014-0226.json", "reference_id": "CVE-2014-0226", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2014-0226.json" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt", "reference_id": "CVE-2014-0226;OSVDB-109216", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201408-12", "reference_id": "GLSA-201408-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-12" }, { "reference_url": "https://security.gentoo.org/glsa/201504-03", "reference_id": "GLSA-201504-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0920", "reference_id": "RHSA-2014:0920", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0920" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0921", "reference_id": "RHSA-2014:0921", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0921" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0922", "reference_id": "RHSA-2014:0922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1019", "reference_id": "RHSA-2014:1019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1020", "reference_id": "RHSA-2014:1020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1021", "reference_id": "RHSA-2014:1021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1086", "reference_id": "RHSA-2014:1086", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1087", "reference_id": "RHSA-2014:1087", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1087" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1088", "reference_id": "RHSA-2014:1088", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1088" }, { "reference_url": "https://usn.ubuntu.com/2299-1/", "reference_id": "USN-2299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74983?format=api", "purl": "pkg:apache/httpd@2.2.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/74982?format=api", "purl": "pkg:apache/httpd@2.4.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-875s-qd97-wbga" }, { "vulnerability": "VCID-9hz8-j6ce-2bca" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-aj4u-27vr-9ugt" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-nyqj-yfjw-23dd" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-pzum-j7as-bkbk" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-tmjs-99hk-syat" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-x5nj-5bsv-aqeh" }, { "vulnerability": "VCID-xd6e-12jd-pufb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10" } ], "aliases": [ "CVE-2014-0226" ], "risk_score": 9.6, "exploitability": "2.0", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rhy7-r84u-gbfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51023?format=api", "vulnerability_id": "VCID-t1ad-c6y2-rueb", "summary": "A flaw was found in the apr_fnmatch() function of the bundled APR library. Where mod_autoindex is enabled, and a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.\nWorkaround: Setting the 'IgnoreClient' option to the 'IndexOptions' directive disables processing of the client-supplied request query arguments, preventing this attack.\nResolution: Update APR to release 1.4.5 (bundled with httpd 2.2.19) or release 0.9.20 (bundled with httpd 2.0.65)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.97814", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.97818", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.97819", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.9782", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.48782", "scoring_system": "epss", "scoring_elements": "0.97821", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=703390", "reference_id": "703390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=703390" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2011-0419.json", "reference_id": "CVE-2011-0419", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2011-0419.json" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php", "reference_id": "CVE-2011-0419;OSVDB-73383", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php" }, { "reference_url": "https://www.securityfocus.com/bid/47820/info", "reference_id": "CVE-2011-0419;OSVDB-73383", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/47820/info" }, { "reference_url": "https://security.gentoo.org/glsa/201405-24", "reference_id": "GLSA-201405-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201405-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0507", "reference_id": "RHSA-2011:0507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0507" }, { "reference_url": "https://usn.ubuntu.com/1134-1/", "reference_id": "USN-1134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74966?format=api", "purl": "pkg:apache/httpd@2.2.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-yqbj-upd2-fbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.19" } ], "aliases": [ "CVE-2011-0419" ], "risk_score": 9.6, "exploitability": "2.0", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t1ad-c6y2-rueb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51032?format=api", "vulnerability_id": "VCID-t8c4-wnuw-6bfd", "summary": "Insecure handling of LD_LIBRARY_PATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an untrusted directory.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0883.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0883.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0883", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.4156", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41477", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41553", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41508", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.4153", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41498", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0883" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=813559", "reference_id": "813559", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=813559" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2012-0883.json", "reference_id": "CVE-2012-0883", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2012-0883.json" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1594", "reference_id": "RHSA-2012:1594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1594" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74971?format=api", "purl": "pkg:apache/httpd@2.2.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/74972?format=api", "purl": "pkg:apache/httpd@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-26s8-29m8-s7cy" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-875s-qd97-wbga" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-9hz8-j6ce-2bca" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-ae9b-t3e7-hyhc" }, { "vulnerability": "VCID-aj4u-27vr-9ugt" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-nyqj-yfjw-23dd" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-pzum-j7as-bkbk" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-snas-xc79-mkge" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-xd6e-12jd-pufb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.2" } ], "aliases": [ "CVE-2012-0883" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8c4-wnuw-6bfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4527?format=api", "vulnerability_id": "VCID-um53-bb17-93fp", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9788", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.49498", "scoring_system": "epss", "scoring_elements": "0.97852", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.49498", "scoring_system": "epss", "scoring_elements": "0.97854", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.49498", "scoring_system": "epss", "scoring_elements": "0.97849", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:P" }, { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748", "reference_id": "1470748", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467", "reference_id": "868467", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467" }, { "reference_url": "https://security.archlinux.org/ASA-201707-15", "reference_id": "ASA-201707-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201707-15" }, { "reference_url": "https://security.archlinux.org/AVG-350", "reference_id": "AVG-350", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-350" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2017-9788.json", "reference_id": "CVE-2017-9788", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2017-9788.json" }, { "reference_url": "https://security.gentoo.org/glsa/201710-32", "reference_id": "GLSA-201710-32", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-32" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2478", "reference_id": "RHSA-2017:2478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2478" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2479", "reference_id": "RHSA-2017:2479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2483", "reference_id": "RHSA-2017:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2708", "reference_id": "RHSA-2017:2708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2709", "reference_id": "RHSA-2017:2709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2710", "reference_id": "RHSA-2017:2710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3193", "reference_id": "RHSA-2017:3193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3194", "reference_id": "RHSA-2017:3194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3195", "reference_id": "RHSA-2017:3195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3239", "reference_id": "RHSA-2017:3239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3240", "reference_id": "RHSA-2017:3240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3240" }, { "reference_url": "https://usn.ubuntu.com/3370-1/", "reference_id": "USN-3370-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3370-1/" }, { "reference_url": "https://usn.ubuntu.com/3370-2/", "reference_id": "USN-3370-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3370-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74995?format=api", "purl": "pkg:apache/httpd@2.2.34", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-j5r1-q5tv-xqcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34" }, { "url": "http://public2.vulnerablecode.io/api/packages/74997?format=api", "purl": "pkg:apache/httpd@2.4.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-54u4-szhc-zycj" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5sf7-wq36-5ye3" }, { "vulnerability": "VCID-62uq-vyd8-mfbt" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7bxa-rkrq-dyf7" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-eueu-bt2r-xfaa" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nxt8-4r1p-kuab" }, { "vulnerability": "VCID-ny3v-m8gs-3bf2" }, { "vulnerability": "VCID-pfpr-8td6-t7dc" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-t9kh-3weu-qugs" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" }, { "vulnerability": "VCID-ykyn-menc-kbfa" }, { "vulnerability": "VCID-yvfg-1nhp-qqg8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.27" } ], "aliases": [ "CVE-2017-9788" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-um53-bb17-93fp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51055?format=api", "vulnerability_id": "VCID-vb2q-wweb-37gz", "summary": "An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3183", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24118", "scoring_system": "epss", "scoring_elements": "0.96171", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.24118", "scoring_system": "epss", "scoring_elements": "0.96177", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.24118", "scoring_system": "epss", "scoring_elements": "0.9618", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.24118", "scoring_system": "epss", "scoring_elements": "0.96186", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887", "reference_id": "1243887", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243887" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2015-3183.json", "reference_id": "CVE-2015-3183", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2015-3183.json" }, { "reference_url": "https://security.gentoo.org/glsa/201610-02", "reference_id": "GLSA-201610-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201610-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1666", "reference_id": "RHSA-2015:1666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1666" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1667", "reference_id": "RHSA-2015:1667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1668", "reference_id": "RHSA-2015:1668", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1668" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2661", "reference_id": "RHSA-2015:2661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0061", "reference_id": "RHSA-2016:0061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0062", "reference_id": "RHSA-2016:0062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2054", "reference_id": "RHSA-2016:2054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2055", "reference_id": "RHSA-2016:2055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2056", "reference_id": "RHSA-2016:2056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2056" }, { "reference_url": "https://usn.ubuntu.com/2686-1/", "reference_id": "USN-2686-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2686-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74986?format=api", "purl": "pkg:apache/httpd@2.2.31", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-um53-bb17-93fp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.31" }, { "url": "http://public2.vulnerablecode.io/api/packages/74985?format=api", "purl": "pkg:apache/httpd@2.4.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-2pj8-zfdd-tufx" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-52q8-y1bq-nqe2" }, { "vulnerability": "VCID-5qj8-vuec-h3fg" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-68uu-wm68-zkfb" }, { "vulnerability": "VCID-7pxa-tvz9-u7ht" }, { "vulnerability": "VCID-7u6p-2mtv-33an" }, { "vulnerability": "VCID-9q1t-7c6j-t3dh" }, { "vulnerability": "VCID-aj4u-27vr-9ugt" }, { "vulnerability": "VCID-bmyw-jdh2-17d3" }, { "vulnerability": "VCID-bp2p-twzt-wkap" }, { "vulnerability": "VCID-bzpc-s4tb-1yhg" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-hk7s-5xmv-1kca" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kaw2-gdzq-4qdm" }, { "vulnerability": "VCID-ndjs-6nmc-9yg1" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-nyqj-yfjw-23dd" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-pzum-j7as-bkbk" }, { "vulnerability": "VCID-r4tp-y16c-57ak" }, { "vulnerability": "VCID-saux-awas-mfau" }, { "vulnerability": "VCID-t8aa-rv68-fkg5" }, { "vulnerability": "VCID-tgwb-8x2b-abfy" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-wmmz-e7c5-1ye1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.16" } ], "aliases": [ "CVE-2015-3183" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vb2q-wweb-37gz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51036?format=api", "vulnerability_id": "VCID-wey2-jc8u-zudk", "summary": "A flaw was found when mod_proxy_ajp connects to a backend server that takes too long to respond. Given a specific configuration, a remote attacker could send certain requests, putting a backend server into an error state until the retry timeout expired. This could lead to a temporary denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4557.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4557.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4557", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25967", "scoring_system": "epss", "scoring_elements": "0.96375", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.25967", "scoring_system": "epss", "scoring_elements": "0.96379", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.25967", "scoring_system": "epss", "scoring_elements": "0.96384", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.25967", "scoring_system": "epss", "scoring_elements": "0.96389", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4557" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4557", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4557" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=871685", "reference_id": "871685", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=871685" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2012-4557.json", "reference_id": "CVE-2012-4557", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2012-4557.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0512", "reference_id": "RHSA-2013:0512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0512" }, { "reference_url": "https://usn.ubuntu.com/1765-1/", "reference_id": "USN-1765-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1765-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74969?format=api", "purl": "pkg:apache/httpd@2.2.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22" } ], "aliases": [ "CVE-2012-4557" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wey2-jc8u-zudk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51013?format=api", "vulnerability_id": "VCID-x7n6-pzrs-nugs", "summary": "A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3560", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03008", "scoring_system": "epss", "scoring_elements": "0.86857", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03008", "scoring_system": "epss", "scoring_elements": "0.86837", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03008", "scoring_system": "epss", "scoring_elements": "0.8686", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03008", "scoring_system": "epss", "scoring_elements": "0.86856", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.03008", "scoring_system": "epss", "scoring_elements": "0.86854", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.03008", "scoring_system": "epss", "scoring_elements": "0.86844", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=533174", "reference_id": "533174", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533174" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901", "reference_id": "560901", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919", "reference_id": "560919", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920", "reference_id": "560920", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921", "reference_id": "560921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922", "reference_id": "560922", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926", "reference_id": "560926", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927", "reference_id": "560927", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928", "reference_id": "560928", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929", "reference_id": "560929", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930", "reference_id": "560930", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935", "reference_id": "560935", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936", "reference_id": "560936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937", "reference_id": "560937", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940", "reference_id": "560940", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942", "reference_id": "560942", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053", "reference_id": "601053", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-3560.json", "reference_id": "CVE-2009-3560", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-3560.json" }, { "reference_url": "https://security.gentoo.org/glsa/201209-06", "reference_id": "GLSA-201209-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1625", "reference_id": "RHSA-2009:1625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3239", "reference_id": "RHSA-2017:3239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3239" }, { "reference_url": "https://usn.ubuntu.com/890-1/", "reference_id": "USN-890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-1/" }, { "reference_url": "https://usn.ubuntu.com/890-2/", "reference_id": "USN-890-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-2/" }, { "reference_url": "https://usn.ubuntu.com/890-3/", "reference_id": "USN-890-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-3/" }, { "reference_url": "https://usn.ubuntu.com/890-4/", "reference_id": "USN-890-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-4/" }, { "reference_url": "https://usn.ubuntu.com/890-5/", "reference_id": "USN-890-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-5/" }, { "reference_url": "https://usn.ubuntu.com/890-6/", "reference_id": "USN-890-6", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/890-6/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74960?format=api", "purl": "pkg:apache/httpd@2.2.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t1ad-c6y2-rueb" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-yqbj-upd2-fbc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.17" } ], "aliases": [ "CVE-2009-3560" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x7n6-pzrs-nugs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51010?format=api", "vulnerability_id": "VCID-xkdh-s6na-kqdc", "summary": "Faulty error handling was found affecting Solaris pollset support (Event Port backend) caused by a bug in APR. A remote attacker could trigger this issue on Solaris servers which used prefork or event MPMs, resulting in a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2699.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2699.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2699", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09281", "scoring_system": "epss", "scoring_elements": "0.92891", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.09281", "scoring_system": "epss", "scoring_elements": "0.92903", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.09281", "scoring_system": "epss", "scoring_elements": "0.92899", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.09281", "scoring_system": "epss", "scoring_elements": "0.92894", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.09281", "scoring_system": "epss", "scoring_elements": "0.92892", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2699" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=528756", "reference_id": "528756", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=528756" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-2699.json", "reference_id": "CVE-2009-2699", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-2699.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74957?format=api", "purl": "pkg:apache/httpd@2.2.14", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-425q-pchy-2yfg" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-e8cs-fvsy-b7dd" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-gp4e-v2qw-rbh2" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t1ad-c6y2-rueb" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-x7n6-pzrs-nugs" }, { "vulnerability": "VCID-xpkn-zawt-ruh4" }, { "vulnerability": "VCID-yekj-h6m9-nkbj" }, { "vulnerability": "VCID-ywm9-1fbh-5qen" }, { "vulnerability": "VCID-yyhr-sksr-4fdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.14" } ], "aliases": [ "CVE-2009-2699" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xkdh-s6na-kqdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51016?format=api", "vulnerability_id": "VCID-xpkn-zawt-ruh4", "summary": "mod_proxy_ajp would return the wrong status code if it encountered an error, causing a backend server to be put into an error state until the retry timeout expired. A remote attacker could send malicious requests to trigger this issue, resulting in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0408.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0408.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.32487", "scoring_system": "epss", "scoring_elements": "0.96958", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.32487", "scoring_system": "epss", "scoring_elements": "0.96951", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.32487", "scoring_system": "epss", "scoring_elements": "0.96955", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.32487", "scoring_system": "epss", "scoring_elements": "0.96963", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.32487", "scoring_system": "epss", "scoring_elements": "0.9696", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.32487", "scoring_system": "epss", "scoring_elements": "0.96959", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=569905", "reference_id": "569905", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=569905" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2010-0408.json", "reference_id": "CVE-2010-0408", "reference_type": "", "scores": [ { "value": "moderate", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2010-0408.json" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0168", "reference_id": "RHSA-2010:0168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0396", "reference_id": "RHSA-2010:0396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0396" }, { "reference_url": "https://usn.ubuntu.com/908-1/", "reference_id": "USN-908-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/908-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74958?format=api", "purl": "pkg:apache/httpd@2.2.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-425q-pchy-2yfg" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-e8cs-fvsy-b7dd" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t1ad-c6y2-rueb" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-x7n6-pzrs-nugs" }, { "vulnerability": "VCID-yekj-h6m9-nkbj" }, { "vulnerability": "VCID-yyhr-sksr-4fdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15" } ], "aliases": [ "CVE-2010-0408" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xpkn-zawt-ruh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51019?format=api", "vulnerability_id": "VCID-yekj-h6m9-nkbj", "summary": "A flaw was found in the handling of requests by mod_cache (2.2) and mod_dav (2.0 and 2.2). A malicious remote attacker could send a carefully crafted request and cause a httpd child process to crash. This crash would only be a denial of service if using the worker MPM. This issue is further mitigated as mod_dav is only affected by requests that are most likely to be authenticated, and mod_cache is only affected if the uncommon \"CacheIgnoreURLSessionIdentifiers\" directive, introduced in version 2.2.14, is used.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1452.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1452", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13868", "scoring_system": "epss", "scoring_elements": "0.94442", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.13868", "scoring_system": "epss", "scoring_elements": "0.94432", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.13868", "scoring_system": "epss", "scoring_elements": "0.9444", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.13868", "scoring_system": "epss", "scoring_elements": "0.9445", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.13868", "scoring_system": "epss", "scoring_elements": "0.94444", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.13868", "scoring_system": "epss", "scoring_elements": "0.94445", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=618189", "reference_id": "618189", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=618189" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2010-1452.json", "reference_id": "CVE-2010-1452", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2010-1452.json" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0659", "reference_id": "RHSA-2010:0659", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0659" }, { "reference_url": "https://usn.ubuntu.com/1021-1/", "reference_id": "USN-1021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1021-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74959?format=api", "purl": "pkg:apache/httpd@2.2.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-425q-pchy-2yfg" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-e8cs-fvsy-b7dd" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t1ad-c6y2-rueb" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-x7n6-pzrs-nugs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.16" } ], "aliases": [ "CVE-2010-1452" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yekj-h6m9-nkbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51018?format=api", "vulnerability_id": "VCID-ywm9-1fbh-5qen", "summary": "A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headers_in array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as mod_headers which may manipulate the input headers for a subrequest would poison the parent request in two ways, one by modifying the parent request, which might not be intended, and second by leaving pointers to modified header fields in memory allocated to the subrequest scope, which could be freed before the main request processing was finished, resulting in a segfault or in revealing data from another request on threaded servers, such as the worker or winnt MPMs.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0434.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90285", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.903", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90298", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90297", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0539", "scoring_system": "epss", "scoring_elements": "0.90312", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=570171", "reference_id": "570171", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=570171" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2010-0434.json", "reference_id": "CVE-2010-0434", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2010-0434.json" }, { "reference_url": "https://security.gentoo.org/glsa/201206-25", "reference_id": "GLSA-201206-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0168", "reference_id": "RHSA-2010:0168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0175", "reference_id": "RHSA-2010:0175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0396", "reference_id": "RHSA-2010:0396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0396" }, { "reference_url": "https://usn.ubuntu.com/908-1/", "reference_id": "USN-908-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/908-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74958?format=api", "purl": "pkg:apache/httpd@2.2.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-425q-pchy-2yfg" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-e8cs-fvsy-b7dd" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t1ad-c6y2-rueb" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-x7n6-pzrs-nugs" }, { "vulnerability": "VCID-yekj-h6m9-nkbj" }, { "vulnerability": "VCID-yyhr-sksr-4fdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.15" } ], "aliases": [ "CVE-2010-0434" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ywm9-1fbh-5qen" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51021?format=api", "vulnerability_id": "VCID-yyhr-sksr-4fdb", "summary": "An information disclosure flaw was found in mod_proxy_http in versions 2.2.9 through 2.2.15, 2.3.4-alpha and 2.3.5-alpha. Under certain timeout conditions, the server could return a response intended for another user. Only Windows, Netware and OS2 operating systems are affected. Only those configurations which trigger the use of proxy worker pools are affected. There was no vulnerability on earlier versions, as proxy pools were not yet introduced.\nThe simplest workaround is to globally configure;\nSetEnv proxy-nokeepalive 1", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2068", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08537", "scoring_system": "epss", "scoring_elements": "0.9254", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.08537", "scoring_system": "epss", "scoring_elements": "0.92532", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.08537", "scoring_system": "epss", "scoring_elements": "0.92544", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.08537", "scoring_system": "epss", "scoring_elements": "0.92553", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.08537", "scoring_system": "epss", "scoring_elements": "0.92535", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.08537", "scoring_system": "epss", "scoring_elements": "0.92534", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2068" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2010-2068.json", "reference_id": "CVE-2010-2068", "reference_type": "", "scores": [ { "value": "important", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2010-2068.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74959?format=api", "purl": "pkg:apache/httpd@2.2.16", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-425q-pchy-2yfg" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-e8cs-fvsy-b7dd" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t1ad-c6y2-rueb" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-x7n6-pzrs-nugs" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.16" } ], "aliases": [ "CVE-2010-2068" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yyhr-sksr-4fdb" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51009?format=api", "vulnerability_id": "VCID-g837-8mzy-h3be", "summary": "A flaw in apr_palloc() in the bundled copy of APR could cause heap overflows in programs that try to apr_palloc() a user controlled size. The Apache HTTP Server itself does not pass unsanitized user-provided sizes to this function, so it could only be triggered through some other application which uses apr_palloc() in a vulnerable way.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2412.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2412", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.92097", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.92088", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.921", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.07751", "scoring_system": "epss", "scoring_elements": "0.92095", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.10322", "scoring_system": "epss", "scoring_elements": "0.93333", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.10322", "scoring_system": "epss", "scoring_elements": "0.93326", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2412" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=515698", "reference_id": "515698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515698" }, { "reference_url": "https://httpd.apache.org/security/json/CVE-2009-2412.json", "reference_id": "CVE-2009-2412", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "apache_httpd", "scoring_elements": "" } ], "url": "https://httpd.apache.org/security/json/CVE-2009-2412.json" }, { "reference_url": "https://security.gentoo.org/glsa/200909-03", "reference_id": "GLSA-200909-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200909-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1204", "reference_id": "RHSA-2009:1204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1205", "reference_id": "RHSA-2009:1205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1462", "reference_id": "RHSA-2009:1462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1462" }, { "reference_url": "https://usn.ubuntu.com/813-1/", "reference_id": "USN-813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/813-1/" }, { "reference_url": "https://usn.ubuntu.com/813-2/", "reference_id": "USN-813-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/813-2/" }, { "reference_url": "https://usn.ubuntu.com/813-3/", "reference_id": "USN-813-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/813-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/74955?format=api", "purl": "pkg:apache/httpd@2.0.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-t1ad-c6y2-rueb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.0.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/74956?format=api", "purl": "pkg:apache/httpd@2.2.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-189a-yyhy-q7ds" }, { "vulnerability": "VCID-1cpt-rd7f-8qhk" }, { "vulnerability": "VCID-1xb5-reys-d7fb" }, { "vulnerability": "VCID-425q-pchy-2yfg" }, { "vulnerability": "VCID-4yze-nb6e-8yav" }, { "vulnerability": "VCID-5h45-6kty-ffhm" }, { "vulnerability": "VCID-5y32-wcg3-sybr" }, { "vulnerability": "VCID-6b2z-q7qe-gbeg" }, { "vulnerability": "VCID-72zv-psyw-vbh7" }, { "vulnerability": "VCID-7pxs-sc8s-8fg2" }, { "vulnerability": "VCID-8qu7-pwaj-yqhq" }, { "vulnerability": "VCID-96zk-7c51-vke8" }, { "vulnerability": "VCID-b44m-f3y9-kqag" }, { "vulnerability": "VCID-bhfc-b64s-yue4" }, { "vulnerability": "VCID-cqa7-5n1m-4kem" }, { "vulnerability": "VCID-csqk-utue-9yeq" }, { "vulnerability": "VCID-da7f-7vn1-gffu" }, { "vulnerability": "VCID-duan-fz4r-uydy" }, { "vulnerability": "VCID-e8cs-fvsy-b7dd" }, { "vulnerability": "VCID-eb5e-gswe-r7ac" }, { "vulnerability": "VCID-f4m5-bj25-pbhy" }, { "vulnerability": "VCID-fg75-4dwv-9qb5" }, { "vulnerability": "VCID-gp4e-v2qw-rbh2" }, { "vulnerability": "VCID-j5r1-q5tv-xqcp" }, { "vulnerability": "VCID-kb48-61na-cyap" }, { "vulnerability": "VCID-m4t4-3fjk-s3gq" }, { "vulnerability": "VCID-nn89-pb36-v7ds" }, { "vulnerability": "VCID-pmn2-fj7y-ubha" }, { "vulnerability": "VCID-ps1g-6hy7-87dr" }, { "vulnerability": "VCID-rhy7-r84u-gbfc" }, { "vulnerability": "VCID-t1ad-c6y2-rueb" }, { "vulnerability": "VCID-t8c4-wnuw-6bfd" }, { "vulnerability": "VCID-um53-bb17-93fp" }, { "vulnerability": "VCID-vb2q-wweb-37gz" }, { "vulnerability": "VCID-wey2-jc8u-zudk" }, { "vulnerability": "VCID-x7n6-pzrs-nugs" }, { "vulnerability": "VCID-xkdh-s6na-kqdc" }, { "vulnerability": "VCID-xpkn-zawt-ruh4" }, { "vulnerability": "VCID-yekj-h6m9-nkbj" }, { "vulnerability": "VCID-ywm9-1fbh-5qen" }, { "vulnerability": "VCID-yyhr-sksr-4fdb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.13" } ], "aliases": [ "CVE-2009-2412" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g837-8mzy-h3be" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.13" }