{"url":"http://public2.vulnerablecode.io/api/packages/74964?format=json","purl":"pkg:apache/httpd@2.2.18","type":"apache","namespace":"","name":"httpd","version":"2.2.18","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.4.42","latest_non_vulnerable_version":"2.4.54","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51043?format=json","vulnerability_id":"VCID-189a-yyhy-q7ds","summary":"XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provider is mod_dav_svn.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6438.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6438","reference_id":"","reference_type":"","scores":[{"value":"0.39561","scoring_system":"epss","scoring_elements":"0.97382","published_at":"2026-06-04T12:55:00Z"},{"value":"0.39561","scoring_system":"epss","scoring_elements":"0.97388","published_at":"2026-06-05T12:55:00Z"},{"value":"0.39561","scoring_system":"epss","scoring_elements":"0.97389","published_at":"2026-06-07T12:55:00Z"},{"value":"0.39561","scoring_system":"epss","scoring_elements":"0.9739","published_at":"2026-06-08T12:55:00Z"},{"value":"0.39561","scoring_system":"epss","scoring_elements":"0.97391","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077867","reference_id":"1077867","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077867"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-6438.json","reference_id":"CVE-2013-6438","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-6438.json"},{"reference_url":"https://security.gentoo.org/glsa/201408-12","reference_id":"GLSA-201408-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0369","reference_id":"RHSA-2014:0369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0370","reference_id":"RHSA-2014:0370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0783","reference_id":"RHSA-2014:0783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0784","reference_id":"RHSA-2014:0784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0825","reference_id":"RHSA-2014:0825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0826","reference_id":"RHSA-2014:0826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0826"},{"reference_url":"https://usn.ubuntu.com/2152-1/","reference_id":"USN-2152-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2152-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74980?format=json","purl":"pkg:apache/httpd@2.2.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.27"},{"url":"http://public2.vulnerablecode.io/api/packages/74981?format=json","purl":"pkg:apache/httpd@2.4.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-875s-qd97-wbga"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-9dw1-6m3c-syd1"},{"vulnerability":"VCID-9hz8-j6ce-2bca"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-aj4u-27vr-9ugt"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-nyqj-yfjw-23dd"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-pzum-j7as-bkbk"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-snas-xc79-mkge"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-tmjs-99hk-syat"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-xd6e-12jd-pufb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.9"}],"aliases":["CVE-2013-6438"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-189a-yyhy-q7ds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51060?format=json","vulnerability_id":"VCID-1cpt-rd7f-8qhk","summary":"Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the \"Location\" or other outbound header key or value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4975.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4975","reference_id":"","reference_type":"","scores":[{"value":"0.59605","scoring_system":"epss","scoring_elements":"0.98286","published_at":"2026-06-09T12:55:00Z"},{"value":"0.73272","scoring_system":"epss","scoring_elements":"0.98813","published_at":"2026-06-08T12:55:00Z"},{"value":"0.73272","scoring_system":"epss","scoring_elements":"0.98815","published_at":"2026-06-07T12:55:00Z"},{"value":"0.73272","scoring_system":"epss","scoring_elements":"0.98816","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4975"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1375968","reference_id":"1375968","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1375968"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-4975.json","reference_id":"CVE-2016-4975","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-4975.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0906","reference_id":"RHSA-2017:0906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2185","reference_id":"RHSA-2018:2185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2186","reference_id":"RHSA-2018:2186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2186"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74994?format=json","purl":"pkg:apache/httpd@2.2.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-pj23-hhvw-6ucr"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-um53-bb17-93fp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32"},{"url":"http://public2.vulnerablecode.io/api/packages/74993?format=json","purl":"pkg:apache/httpd@2.4.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-3cam-1afg-9bdv"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-54u4-szhc-zycj"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5sf7-wq36-5ye3"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-62uq-vyd8-mfbt"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7bxa-rkrq-dyf7"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-eueu-bt2r-xfaa"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nxt8-4r1p-kuab"},{"vulnerability":"VCID-ny3v-m8gs-3bf2"},{"vulnerability":"VCID-pfpr-8td6-t7dc"},{"vulnerability":"VCID-pj23-hhvw-6ucr"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-t9kh-3weu-qugs"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-ykyn-menc-kbfa"},{"vulnerability":"VCID-yvfg-1nhp-qqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25"}],"aliases":["CVE-2016-4975"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1cpt-rd7f-8qhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51046?format=json","vulnerability_id":"VCID-1xb5-reys-d7fb","summary":"A resource consumption flaw was found in mod_deflate. If request body decompression was configured (using the \"DEFLATE\" input filter), a remote attacker could cause the server to consume significant memory and/or CPU resources. The use of request body decompression is not a common configuration.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0118.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0118","reference_id":"","reference_type":"","scores":[{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97475","published_at":"2026-06-04T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97481","published_at":"2026-06-07T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97482","published_at":"2026-06-08T12:55:00Z"},{"value":"0.41327","scoring_system":"epss","scoring_elements":"0.97483","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120601","reference_id":"1120601","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120601"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-0118.json","reference_id":"CVE-2014-0118","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-0118.json"},{"reference_url":"https://security.gentoo.org/glsa/201504-03","reference_id":"GLSA-201504-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201504-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0920","reference_id":"RHSA-2014:0920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0921","reference_id":"RHSA-2014:0921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0922","reference_id":"RHSA-2014:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1019","reference_id":"RHSA-2014:1019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1020","reference_id":"RHSA-2014:1020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1021","reference_id":"RHSA-2014:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1086","reference_id":"RHSA-2014:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1087","reference_id":"RHSA-2014:1087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1088","reference_id":"RHSA-2014:1088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1088"},{"reference_url":"https://usn.ubuntu.com/2299-1/","reference_id":"USN-2299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2299-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74983?format=json","purl":"pkg:apache/httpd@2.2.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29"},{"url":"http://public2.vulnerablecode.io/api/packages/74982?format=json","purl":"pkg:apache/httpd@2.4.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-875s-qd97-wbga"},{"vulnerability":"VCID-9hz8-j6ce-2bca"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-aj4u-27vr-9ugt"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-nyqj-yfjw-23dd"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-pzum-j7as-bkbk"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-tmjs-99hk-syat"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-x5nj-5bsv-aqeh"},{"vulnerability":"VCID-xd6e-12jd-pufb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10"}],"aliases":["CVE-2014-0118"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1xb5-reys-d7fb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6535?format=json","vulnerability_id":"VCID-4yze-nb6e-8yav","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7679.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7679","reference_id":"","reference_type":"","scores":[{"value":"0.30062","scoring_system":"epss","scoring_elements":"0.96766","published_at":"2026-06-09T12:55:00Z"},{"value":"0.30062","scoring_system":"epss","scoring_elements":"0.96762","published_at":"2026-06-07T12:55:00Z"},{"value":"0.30062","scoring_system":"epss","scoring_elements":"0.96754","published_at":"2026-06-04T12:55:00Z"},{"value":"0.30062","scoring_system":"epss","scoring_elements":"0.96758","published_at":"2026-06-05T12:55:00Z"},{"value":"0.30062","scoring_system":"epss","scoring_elements":"0.96761","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463207","reference_id":"1463207","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463207"},{"reference_url":"https://security.archlinux.org/ASA-201706-34","reference_id":"ASA-201706-34","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-34"},{"reference_url":"https://security.archlinux.org/AVG-316","reference_id":"AVG-316","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-316"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-7679.json","reference_id":"CVE-2017-7679","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-7679.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2478","reference_id":"RHSA-2017:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3475","reference_id":"RHSA-2017:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3476","reference_id":"RHSA-2017:3476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3477","reference_id":"RHSA-2017:3477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3477"},{"reference_url":"https://usn.ubuntu.com/3340-1/","reference_id":"USN-3340-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3340-1/"},{"reference_url":"https://usn.ubuntu.com/3373-1/","reference_id":"USN-3373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74995?format=json","purl":"pkg:apache/httpd@2.2.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-j5r1-q5tv-xqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34"},{"url":"http://public2.vulnerablecode.io/api/packages/74996?format=json","purl":"pkg:apache/httpd@2.4.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-4e1g-urtc-9bd8"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-54u4-szhc-zycj"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5sf7-wq36-5ye3"},{"vulnerability":"VCID-62uq-vyd8-mfbt"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7bxa-rkrq-dyf7"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-eueu-bt2r-xfaa"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nxt8-4r1p-kuab"},{"vulnerability":"VCID-ny3v-m8gs-3bf2"},{"vulnerability":"VCID-pfpr-8td6-t7dc"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-t9kh-3weu-qugs"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-ykyn-menc-kbfa"},{"vulnerability":"VCID-yvfg-1nhp-qqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26"}],"aliases":["CVE-2017-7679"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4yze-nb6e-8yav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51031?format=json","vulnerability_id":"VCID-5h45-6kty-ffhm","summary":"A flaw was found in the default error response for status code 400. This flaw could be used by an attacker to expose \"httpOnly\" cookies when no custom ErrorDocument is specified.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0053.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0053","reference_id":"","reference_type":"","scores":[{"value":"0.23641","scoring_system":"epss","scoring_elements":"0.96104","published_at":"2026-06-09T12:55:00Z"},{"value":"0.23641","scoring_system":"epss","scoring_elements":"0.96099","published_at":"2026-06-08T12:55:00Z"},{"value":"0.33846","scoring_system":"epss","scoring_elements":"0.9705","published_at":"2026-06-05T12:55:00Z"},{"value":"0.33846","scoring_system":"epss","scoring_elements":"0.97054","published_at":"2026-06-07T12:55:00Z"},{"value":"0.33846","scoring_system":"epss","scoring_elements":"0.97052","published_at":"2026-06-06T12:55:00Z"},{"value":"0.33846","scoring_system":"epss","scoring_elements":"0.97047","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0053"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=785069","reference_id":"785069","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=785069"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-0053.json","reference_id":"CVE-2012-0053","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-0053.json"},{"reference_url":"https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08","reference_id":"CVE-2012-0053;OSVDB-78556","reference_type":"exploit","scores":[],"url":"https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html","reference_id":"CVE-2012-0053;OSVDB-78556","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/18442.html"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0323","reference_id":"RHSA-2012:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74969?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-f4m5-bj25-pbhy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-m4t4-3fjk-s3gq"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-t8c4-wnuw-6bfd"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2012-0053"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5h45-6kty-ffhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6538?format=json","vulnerability_id":"VCID-5y32-wcg3-sybr","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3169.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3169","reference_id":"","reference_type":"","scores":[{"value":"0.30773","scoring_system":"epss","scoring_elements":"0.96833","published_at":"2026-06-09T12:55:00Z"},{"value":"0.30773","scoring_system":"epss","scoring_elements":"0.96829","published_at":"2026-06-07T12:55:00Z"},{"value":"0.30773","scoring_system":"epss","scoring_elements":"0.9682","published_at":"2026-06-04T12:55:00Z"},{"value":"0.30773","scoring_system":"epss","scoring_elements":"0.96825","published_at":"2026-06-05T12:55:00Z"},{"value":"0.30773","scoring_system":"epss","scoring_elements":"0.96828","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463197","reference_id":"1463197","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463197"},{"reference_url":"https://security.archlinux.org/ASA-201706-34","reference_id":"ASA-201706-34","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-34"},{"reference_url":"https://security.archlinux.org/AVG-316","reference_id":"AVG-316","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-316"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-3169.json","reference_id":"CVE-2017-3169","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-3169.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2478","reference_id":"RHSA-2017:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3475","reference_id":"RHSA-2017:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3476","reference_id":"RHSA-2017:3476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3477","reference_id":"RHSA-2017:3477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3477"},{"reference_url":"https://usn.ubuntu.com/3340-1/","reference_id":"USN-3340-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3340-1/"},{"reference_url":"https://usn.ubuntu.com/3373-1/","reference_id":"USN-3373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74995?format=json","purl":"pkg:apache/httpd@2.2.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-j5r1-q5tv-xqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34"},{"url":"http://public2.vulnerablecode.io/api/packages/74996?format=json","purl":"pkg:apache/httpd@2.4.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-4e1g-urtc-9bd8"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-54u4-szhc-zycj"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5sf7-wq36-5ye3"},{"vulnerability":"VCID-62uq-vyd8-mfbt"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7bxa-rkrq-dyf7"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-eueu-bt2r-xfaa"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nxt8-4r1p-kuab"},{"vulnerability":"VCID-ny3v-m8gs-3bf2"},{"vulnerability":"VCID-pfpr-8td6-t7dc"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-t9kh-3weu-qugs"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-ykyn-menc-kbfa"},{"vulnerability":"VCID-yvfg-1nhp-qqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26"}],"aliases":["CVE-2017-3169"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5y32-wcg3-sybr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51044?format=json","vulnerability_id":"VCID-6b2z-q7qe-gbeg","summary":"A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0098.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0098","reference_id":"","reference_type":"","scores":[{"value":"0.50788","scoring_system":"epss","scoring_elements":"0.97907","published_at":"2026-06-04T12:55:00Z"},{"value":"0.50788","scoring_system":"epss","scoring_elements":"0.97911","published_at":"2026-06-05T12:55:00Z"},{"value":"0.50788","scoring_system":"epss","scoring_elements":"0.97912","published_at":"2026-06-09T12:55:00Z"},{"value":"0.50788","scoring_system":"epss","scoring_elements":"0.97913","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0098"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077871","reference_id":"1077871","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077871"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-0098.json","reference_id":"CVE-2014-0098","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-0098.json"},{"reference_url":"https://security.gentoo.org/glsa/201408-12","reference_id":"GLSA-201408-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0369","reference_id":"RHSA-2014:0369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0370","reference_id":"RHSA-2014:0370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0783","reference_id":"RHSA-2014:0783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0784","reference_id":"RHSA-2014:0784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0825","reference_id":"RHSA-2014:0825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0826","reference_id":"RHSA-2014:0826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0826"},{"reference_url":"https://usn.ubuntu.com/2152-1/","reference_id":"USN-2152-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2152-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74980?format=json","purl":"pkg:apache/httpd@2.2.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.27"},{"url":"http://public2.vulnerablecode.io/api/packages/74981?format=json","purl":"pkg:apache/httpd@2.4.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-875s-qd97-wbga"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-9dw1-6m3c-syd1"},{"vulnerability":"VCID-9hz8-j6ce-2bca"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-aj4u-27vr-9ugt"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-nyqj-yfjw-23dd"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-pzum-j7as-bkbk"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-snas-xc79-mkge"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-tmjs-99hk-syat"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-xd6e-12jd-pufb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.9"}],"aliases":["CVE-2014-0098"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6b2z-q7qe-gbeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51026?format=json","vulnerability_id":"VCID-72zv-psyw-vbh7","summary":"An exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker. No update of 1.3 will be released.\nPatches will be published to https://archive.apache.org/dist/httpd/patches/apply_to_1.3.42/","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3368.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3368","reference_id":"","reference_type":"","scores":[{"value":"0.76893","scoring_system":"epss","scoring_elements":"0.98976","published_at":"2026-06-04T12:55:00Z"},{"value":"0.76893","scoring_system":"epss","scoring_elements":"0.98977","published_at":"2026-06-09T12:55:00Z"},{"value":"0.76893","scoring_system":"epss","scoring_elements":"0.98979","published_at":"2026-06-06T12:55:00Z"},{"value":"0.76893","scoring_system":"epss","scoring_elements":"0.98978","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3368"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3368"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=740045","reference_id":"740045","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=740045"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3368.json","reference_id":"CVE-2011-3368","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3368.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py","reference_id":"CVE-2011-3368;OSVDB-76079","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/17969.py"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1391","reference_id":"RHSA-2011:1391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1392","reference_id":"RHSA-2011:1392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1259-1/","reference_id":"USN-1259-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1259-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74969?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-f4m5-bj25-pbhy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-m4t4-3fjk-s3gq"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-t8c4-wnuw-6bfd"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2011-3368"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-72zv-psyw-vbh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51037?format=json","vulnerability_id":"VCID-7pxs-sc8s-8fg2","summary":"A XSS flaw affected the mod_proxy_balancer manager interface.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4558.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4558.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4558","reference_id":"","reference_type":"","scores":[{"value":"0.58223","scoring_system":"epss","scoring_elements":"0.98222","published_at":"2026-06-04T12:55:00Z"},{"value":"0.58223","scoring_system":"epss","scoring_elements":"0.98224","published_at":"2026-06-09T12:55:00Z"},{"value":"0.58223","scoring_system":"epss","scoring_elements":"0.98225","published_at":"2026-06-07T12:55:00Z"},{"value":"0.58223","scoring_system":"epss","scoring_elements":"0.98226","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4558"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=915884","reference_id":"915884","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=915884"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-4558.json","reference_id":"CVE-2012-4558","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-4558.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0815","reference_id":"RHSA-2013:0815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1011","reference_id":"RHSA-2013:1011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1012","reference_id":"RHSA-2013:1012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1013","reference_id":"RHSA-2013:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1207","reference_id":"RHSA-2013:1207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1208","reference_id":"RHSA-2013:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1209","reference_id":"RHSA-2013:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1209"},{"reference_url":"https://usn.ubuntu.com/1765-1/","reference_id":"USN-1765-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1765-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74974?format=json","purl":"pkg:apache/httpd@2.2.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.24"},{"url":"http://public2.vulnerablecode.io/api/packages/74975?format=json","purl":"pkg:apache/httpd@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-26s8-29m8-s7cy"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-875s-qd97-wbga"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-9hz8-j6ce-2bca"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-aj4u-27vr-9ugt"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-nyqj-yfjw-23dd"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-pzum-j7as-bkbk"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-snas-xc79-mkge"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-xd6e-12jd-pufb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.4"}],"aliases":["CVE-2012-4558"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pxs-sc8s-8fg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51048?format=json","vulnerability_id":"VCID-8qu7-pwaj-yqhq","summary":"A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0231.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0231","reference_id":"","reference_type":"","scores":[{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97614","published_at":"2026-06-04T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97618","published_at":"2026-06-05T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.9762","published_at":"2026-06-08T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97619","published_at":"2026-06-07T12:55:00Z"},{"value":"0.44151","scoring_system":"epss","scoring_elements":"0.97621","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120596","reference_id":"1120596","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120596"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-0231.json","reference_id":"CVE-2014-0231","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-0231.json"},{"reference_url":"https://security.gentoo.org/glsa/201504-03","reference_id":"GLSA-201504-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201504-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0920","reference_id":"RHSA-2014:0920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0921","reference_id":"RHSA-2014:0921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0922","reference_id":"RHSA-2014:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1019","reference_id":"RHSA-2014:1019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1020","reference_id":"RHSA-2014:1020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1021","reference_id":"RHSA-2014:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1086","reference_id":"RHSA-2014:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1087","reference_id":"RHSA-2014:1087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1088","reference_id":"RHSA-2014:1088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1088"},{"reference_url":"https://usn.ubuntu.com/2299-1/","reference_id":"USN-2299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2299-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74983?format=json","purl":"pkg:apache/httpd@2.2.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29"},{"url":"http://public2.vulnerablecode.io/api/packages/74982?format=json","purl":"pkg:apache/httpd@2.4.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-875s-qd97-wbga"},{"vulnerability":"VCID-9hz8-j6ce-2bca"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-aj4u-27vr-9ugt"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-nyqj-yfjw-23dd"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-pzum-j7as-bkbk"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-tmjs-99hk-syat"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-x5nj-5bsv-aqeh"},{"vulnerability":"VCID-xd6e-12jd-pufb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10"}],"aliases":["CVE-2014-0231"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8qu7-pwaj-yqhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51039?format=json","vulnerability_id":"VCID-b44m-f3y9-kqag","summary":"Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1896.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1896","reference_id":"","reference_type":"","scores":[{"value":"0.43961","scoring_system":"epss","scoring_elements":"0.97605","published_at":"2026-06-04T12:55:00Z"},{"value":"0.43961","scoring_system":"epss","scoring_elements":"0.97609","published_at":"2026-06-05T12:55:00Z"},{"value":"0.43961","scoring_system":"epss","scoring_elements":"0.97611","published_at":"2026-06-08T12:55:00Z"},{"value":"0.43961","scoring_system":"epss","scoring_elements":"0.9761","published_at":"2026-06-07T12:55:00Z"},{"value":"0.43961","scoring_system":"epss","scoring_elements":"0.97613","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1896"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272","reference_id":"717272","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717272"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=983549","reference_id":"983549","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=983549"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-1896.json","reference_id":"CVE-2013-1896","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-1896.json"},{"reference_url":"https://security.gentoo.org/glsa/201309-12","reference_id":"GLSA-201309-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1133","reference_id":"RHSA-2013:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1134","reference_id":"RHSA-2013:1134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1156","reference_id":"RHSA-2013:1156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1207","reference_id":"RHSA-2013:1207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1208","reference_id":"RHSA-2013:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1209","reference_id":"RHSA-2013:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1209"},{"reference_url":"https://usn.ubuntu.com/1903-1/","reference_id":"USN-1903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74976?format=json","purl":"pkg:apache/httpd@2.2.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.25"},{"url":"http://public2.vulnerablecode.io/api/packages/74977?format=json","purl":"pkg:apache/httpd@2.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-875s-qd97-wbga"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-9dw1-6m3c-syd1"},{"vulnerability":"VCID-9hz8-j6ce-2bca"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-aj4u-27vr-9ugt"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-nyqj-yfjw-23dd"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-pzum-j7as-bkbk"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-snas-xc79-mkge"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-vg84-brwd-bkez"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-xd6e-12jd-pufb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.6"}],"aliases":["CVE-2013-1896"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b44m-f3y9-kqag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51024?format=json","vulnerability_id":"VCID-cqa7-5n1m-4kem","summary":"A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. This could be used in a denial of service attack. Advisory: CVE-2011-3192.txt","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3192.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3192","reference_id":"","reference_type":"","scores":[{"value":"0.90456","scoring_system":"epss","scoring_elements":"0.99626","published_at":"2026-06-07T12:55:00Z"},{"value":"0.90456","scoring_system":"epss","scoring_elements":"0.99625","published_at":"2026-06-09T12:55:00Z"},{"value":"0.90865","scoring_system":"epss","scoring_elements":"0.99645","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3192"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=732928","reference_id":"732928","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=732928"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3192.json","reference_id":"CVE-2011-3192","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3192.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c","reference_id":"CVE-2014-5329;OSVDB-74721;CVE-2011-3192","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18221.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl","reference_id":"CVE-2014-5329;OSVDB-74721;CVE-2011-3192","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/17696.pl"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1245","reference_id":"RHSA-2011:1245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1294","reference_id":"RHSA-2011:1294","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1294"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1300","reference_id":"RHSA-2011:1300","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1300"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1329","reference_id":"RHSA-2011:1329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1330","reference_id":"RHSA-2011:1330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1330"},{"reference_url":"https://usn.ubuntu.com/1199-1/","reference_id":"USN-1199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1199-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74967?format=json","purl":"pkg:apache/httpd@2.2.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5h45-6kty-ffhm"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-72zv-psyw-vbh7"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-da7f-7vn1-gffu"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-eb5e-gswe-r7ac"},{"vulnerability":"VCID-f4m5-bj25-pbhy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kb48-61na-cyap"},{"vulnerability":"VCID-m4t4-3fjk-s3gq"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-pmn2-fj7y-ubha"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-t8c4-wnuw-6bfd"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-wey2-jc8u-zudk"},{"vulnerability":"VCID-yqbj-upd2-fbc6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.20"}],"aliases":["CVE-2011-3192"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cqa7-5n1m-4kem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51034?format=json","vulnerability_id":"VCID-csqk-utue-9yeq","summary":"Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3499.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3499.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3499","reference_id":"","reference_type":"","scores":[{"value":"0.21581","scoring_system":"epss","scoring_elements":"0.95829","published_at":"2026-06-04T12:55:00Z"},{"value":"0.21581","scoring_system":"epss","scoring_elements":"0.95833","published_at":"2026-06-05T12:55:00Z"},{"value":"0.21581","scoring_system":"epss","scoring_elements":"0.95836","published_at":"2026-06-08T12:55:00Z"},{"value":"0.21581","scoring_system":"epss","scoring_elements":"0.95837","published_at":"2026-06-07T12:55:00Z"},{"value":"0.21581","scoring_system":"epss","scoring_elements":"0.95841","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=915883","reference_id":"915883","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=915883"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-3499.json","reference_id":"CVE-2012-3499","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-3499.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0815","reference_id":"RHSA-2013:0815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1011","reference_id":"RHSA-2013:1011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1012","reference_id":"RHSA-2013:1012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1013","reference_id":"RHSA-2013:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1207","reference_id":"RHSA-2013:1207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1208","reference_id":"RHSA-2013:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1209","reference_id":"RHSA-2013:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1209"},{"reference_url":"https://usn.ubuntu.com/1765-1/","reference_id":"USN-1765-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1765-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74974?format=json","purl":"pkg:apache/httpd@2.2.24","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.24"},{"url":"http://public2.vulnerablecode.io/api/packages/74975?format=json","purl":"pkg:apache/httpd@2.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-26s8-29m8-s7cy"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-875s-qd97-wbga"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-9hz8-j6ce-2bca"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-aj4u-27vr-9ugt"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-nyqj-yfjw-23dd"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-pzum-j7as-bkbk"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-snas-xc79-mkge"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-xd6e-12jd-pufb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.4"}],"aliases":["CVE-2012-3499"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-csqk-utue-9yeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51028?format=json","vulnerability_id":"VCID-da7f-7vn1-gffu","summary":"An additional exposure was found when using mod_proxy in reverse proxy mode. In certain configurations using RewriteRule with proxy flag or ProxyPassMatch, a remote attacker could cause the reverse proxy to connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to attacker.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4317.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4317.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4317","reference_id":"","reference_type":"","scores":[{"value":"0.77975","scoring_system":"epss","scoring_elements":"0.9903","published_at":"2026-06-09T12:55:00Z"},{"value":"0.79449","scoring_system":"epss","scoring_elements":"0.99103","published_at":"2026-06-04T12:55:00Z"},{"value":"0.79449","scoring_system":"epss","scoring_elements":"0.99104","published_at":"2026-06-07T12:55:00Z"},{"value":"0.79449","scoring_system":"epss","scoring_elements":"0.99105","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4317"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=756483","reference_id":"756483","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=756483"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-4317.json","reference_id":"CVE-2011-4317","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-4317.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36352.txt","reference_id":"CVE-2011-4317;OSVDB-77310","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36352.txt"},{"reference_url":"https://www.securityfocus.com/bid/50802/info","reference_id":"CVE-2011-4317;OSVDB-77310","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/50802/info"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74969?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-f4m5-bj25-pbhy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-m4t4-3fjk-s3gq"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-t8c4-wnuw-6bfd"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2011-4317"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-da7f-7vn1-gffu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51062?format=json","vulnerability_id":"VCID-duan-fz4r-uydy","summary":"HTTP_PROXY is a well-defined environment variable in a CGI process, which collided with a number of libraries which failed to avoid colliding with this CGI namespace. A mitigation is provided for the httpd CGI environment to avoid populating the \"HTTP_PROXY\" variable from a \"Proxy:\" header, which has never been registered by IANA. This workaround and patch are documented in the ASF Advisory at asf-httpoxy-response.txt and incorporated in the 2.4.25 and 2.2.32 releases. Note: This is not assigned an httpd severity, as it is a defect in other software which overloaded well-established CGI environment variables, and does not reflect an error in HTTP server software.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5387","reference_id":"","reference_type":"","scores":[{"value":"0.43937","scoring_system":"epss","scoring_elements":"0.97611","published_at":"2026-06-09T12:55:00Z"},{"value":"0.51564","scoring_system":"epss","scoring_elements":"0.97949","published_at":"2026-06-08T12:55:00Z"},{"value":"0.51564","scoring_system":"epss","scoring_elements":"0.97945","published_at":"2026-06-04T12:55:00Z"},{"value":"0.51564","scoring_system":"epss","scoring_elements":"0.97948","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5387"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1353755","reference_id":"1353755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1353755"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-5387.json","reference_id":"CVE-2016-5387","reference_type":"","scores":[{"value":"n/a","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-5387.json"},{"reference_url":"https://security.gentoo.org/glsa/201701-36","reference_id":"GLSA-201701-36","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1420","reference_id":"RHSA-2016:1420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1421","reference_id":"RHSA-2016:1421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1422","reference_id":"RHSA-2016:1422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1625","reference_id":"RHSA-2016:1625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1648","reference_id":"RHSA-2016:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1649","reference_id":"RHSA-2016:1649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1650","reference_id":"RHSA-2016:1650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1851","reference_id":"RHSA-2016:1851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1851"},{"reference_url":"https://usn.ubuntu.com/3038-1/","reference_id":"USN-3038-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3038-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74994?format=json","purl":"pkg:apache/httpd@2.2.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-pj23-hhvw-6ucr"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-um53-bb17-93fp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32"},{"url":"http://public2.vulnerablecode.io/api/packages/74993?format=json","purl":"pkg:apache/httpd@2.4.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-3cam-1afg-9bdv"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-54u4-szhc-zycj"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5sf7-wq36-5ye3"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-62uq-vyd8-mfbt"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7bxa-rkrq-dyf7"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-eueu-bt2r-xfaa"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nxt8-4r1p-kuab"},{"vulnerability":"VCID-ny3v-m8gs-3bf2"},{"vulnerability":"VCID-pfpr-8td6-t7dc"},{"vulnerability":"VCID-pj23-hhvw-6ucr"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-t9kh-3weu-qugs"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-ykyn-menc-kbfa"},{"vulnerability":"VCID-yvfg-1nhp-qqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25"}],"aliases":["CVE-2016-5387"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-duan-fz4r-uydy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51027?format=json","vulnerability_id":"VCID-eb5e-gswe-r7ac","summary":"An integer overflow flaw was found which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3607.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3607","reference_id":"","reference_type":"","scores":[{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.4769","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47624","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47688","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47672","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00591","scoring_system":"epss","scoring_elements":"0.69627","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00591","scoring_system":"epss","scoring_elements":"0.69606","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3607"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=769844","reference_id":"769844","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=769844"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3607.json","reference_id":"CVE-2011-3607","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3607.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt","reference_id":"CVE-2011-4415;CVE-2011-3607","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41769.txt"},{"reference_url":"http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/","reference_id":"CVE-2011-4415;CVE-2011-3607","reference_type":"exploit","scores":[],"url":"http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0323","reference_id":"RHSA-2012:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74969?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-f4m5-bj25-pbhy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-m4t4-3fjk-s3gq"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-t8c4-wnuw-6bfd"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2011-3607"],"risk_score":4.2,"exploitability":"2.0","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eb5e-gswe-r7ac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51033?format=json","vulnerability_id":"VCID-f4m5-bj25-pbhy","summary":"Possible XSS for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled. Note: This issue is also known as CVE-2008-0455.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2687.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2687.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2687","reference_id":"","reference_type":"","scores":[{"value":"0.0466","scoring_system":"epss","scoring_elements":"0.89534","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0466","scoring_system":"epss","scoring_elements":"0.89516","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0466","scoring_system":"epss","scoring_elements":"0.89518","published_at":"2026-06-08T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92391","published_at":"2026-06-06T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92381","published_at":"2026-06-04T12:55:00Z"},{"value":"0.08268","scoring_system":"epss","scoring_elements":"0.92395","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=850794","reference_id":"850794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=850794"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-2687.json","reference_id":"CVE-2012-2687","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-2687.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1591","reference_id":"RHSA-2012:1591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1592","reference_id":"RHSA-2012:1592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1594","reference_id":"RHSA-2012:1594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0130","reference_id":"RHSA-2013:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0512","reference_id":"RHSA-2013:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0512"},{"reference_url":"https://usn.ubuntu.com/1627-1/","reference_id":"USN-1627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1627-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74971?format=json","purl":"pkg:apache/httpd@2.2.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-m4t4-3fjk-s3gq"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.23"},{"url":"http://public2.vulnerablecode.io/api/packages/74973?format=json","purl":"pkg:apache/httpd@2.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-26s8-29m8-s7cy"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-875s-qd97-wbga"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-9hz8-j6ce-2bca"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-aj4u-27vr-9ugt"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-nyqj-yfjw-23dd"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-pzum-j7as-bkbk"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-snas-xc79-mkge"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-xd6e-12jd-pufb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.3"}],"aliases":["CVE-2012-2687"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f4m5-bj25-pbhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51042?format=json","vulnerability_id":"VCID-fg75-4dwv-9qb5","summary":"HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. This fix adds the \"MergeTrailers\" directive to restore legacy behavior.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-5704","reference_id":"","reference_type":"","scores":[{"value":"0.65044","scoring_system":"epss","scoring_elements":"0.98494","published_at":"2026-06-04T12:55:00Z"},{"value":"0.65044","scoring_system":"epss","scoring_elements":"0.98497","published_at":"2026-06-05T12:55:00Z"},{"value":"0.65044","scoring_system":"epss","scoring_elements":"0.98496","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-5704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5704"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1082903","reference_id":"1082903","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1082903"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-5704.json","reference_id":"CVE-2013-5704","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-5704.json"},{"reference_url":"https://security.gentoo.org/glsa/201504-03","reference_id":"GLSA-201504-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201504-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1972","reference_id":"RHSA-2014:1972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0325","reference_id":"RHSA-2015:0325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1249","reference_id":"RHSA-2015:1249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2661","reference_id":"RHSA-2015:2661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0061","reference_id":"RHSA-2016:0061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0062","reference_id":"RHSA-2016:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0062"},{"reference_url":"https://usn.ubuntu.com/2523-1/","reference_id":"USN-2523-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2523-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74983?format=json","purl":"pkg:apache/httpd@2.2.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29"},{"url":"http://public2.vulnerablecode.io/api/packages/74984?format=json","purl":"pkg:apache/httpd@2.4.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-aj4u-27vr-9ugt"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-jyh8-j4vf-8fgs"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-nyqj-yfjw-23dd"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-pzum-j7as-bkbk"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-tmjs-99hk-syat"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-xd6e-12jd-pufb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.12"}],"aliases":["CVE-2013-5704"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fg75-4dwv-9qb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6470?format=json","vulnerability_id":"VCID-j5r1-q5tv-xqcp","summary":"information disclosure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9798.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9798","reference_id":"","reference_type":"","scores":[{"value":"0.9384","scoring_system":"epss","scoring_elements":"0.99874","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1490344","reference_id":"1490344","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1490344"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109","reference_id":"876109","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876109"},{"reference_url":"https://security.archlinux.org/ASA-201709-15","reference_id":"ASA-201709-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201709-15"},{"reference_url":"https://security.archlinux.org/AVG-404","reference_id":"AVG-404","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-404"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-9798.json","reference_id":"CVE-2017-9798","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-9798.json"},{"reference_url":"https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed","reference_id":"CVE-2017-9798;OPTIONSBLEED","reference_type":"exploit","scores":[],"url":"https://github.com/hannob/optionsbleed/blob/e297ce13cfb0f338b2cabfb81a70349fd6925f82/optionsbleed"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py","reference_id":"CVE-2017-9798;OPTIONSBLEED","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/webapps/42745.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2882","reference_id":"RHSA-2017:2882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2972","reference_id":"RHSA-2017:2972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3018","reference_id":"RHSA-2017:3018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3239","reference_id":"RHSA-2017:3239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3240","reference_id":"RHSA-2017:3240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3475","reference_id":"RHSA-2017:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3476","reference_id":"RHSA-2017:3476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3477","reference_id":"RHSA-2017:3477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3477"},{"reference_url":"https://usn.ubuntu.com/3425-1/","reference_id":"USN-3425-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3425-1/"},{"reference_url":"https://usn.ubuntu.com/3425-2/","reference_id":"USN-3425-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3425-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74998?format=json","purl":"pkg:apache/httpd@2.4.28","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-54u4-szhc-zycj"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5sf7-wq36-5ye3"},{"vulnerability":"VCID-62uq-vyd8-mfbt"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7bxa-rkrq-dyf7"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-eueu-bt2r-xfaa"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nxt8-4r1p-kuab"},{"vulnerability":"VCID-ny3v-m8gs-3bf2"},{"vulnerability":"VCID-pfpr-8td6-t7dc"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-t9kh-3weu-qugs"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-ykyn-menc-kbfa"},{"vulnerability":"VCID-yvfg-1nhp-qqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.28"}],"aliases":["CVE-2017-9798"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j5r1-q5tv-xqcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51025?format=json","vulnerability_id":"VCID-kb48-61na-cyap","summary":"A flaw was found when mod_proxy_ajp is used together with mod_proxy_balancer. Given a specific configuration, a remote attacker could send certain malformed HTTP requests, putting a backend server into an error state until the retry timeout expired. This could lead to a temporary denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3348.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3348.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3348","reference_id":"","reference_type":"","scores":[{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.97061","published_at":"2026-06-04T12:55:00Z"},{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.97065","published_at":"2026-06-05T12:55:00Z"},{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.97067","published_at":"2026-06-06T12:55:00Z"},{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.97069","published_at":"2026-06-08T12:55:00Z"},{"value":"0.34026","scoring_system":"epss","scoring_elements":"0.97072","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3348"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=736690","reference_id":"736690","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=736690"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-3348.json","reference_id":"CVE-2011-3348","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-3348.json"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1391","reference_id":"RHSA-2011:1391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1259-1/","reference_id":"USN-1259-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1259-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74968?format=json","purl":"pkg:apache/httpd@2.2.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5h45-6kty-ffhm"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-72zv-psyw-vbh7"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-da7f-7vn1-gffu"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-eb5e-gswe-r7ac"},{"vulnerability":"VCID-f4m5-bj25-pbhy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-m4t4-3fjk-s3gq"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-pmn2-fj7y-ubha"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-t8c4-wnuw-6bfd"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-wey2-jc8u-zudk"},{"vulnerability":"VCID-yqbj-upd2-fbc6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.21"}],"aliases":["CVE-2011-3348"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kb48-61na-cyap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51038?format=json","vulnerability_id":"VCID-m4t4-3fjk-s3gq","summary":"mod_rewrite does not filter terminal escape sequences from logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1862.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1862","reference_id":"","reference_type":"","scores":[{"value":"0.52396","scoring_system":"epss","scoring_elements":"0.97981","published_at":"2026-06-04T12:55:00Z"},{"value":"0.52396","scoring_system":"epss","scoring_elements":"0.97984","published_at":"2026-06-07T12:55:00Z"},{"value":"0.52396","scoring_system":"epss","scoring_elements":"0.97983","published_at":"2026-06-08T12:55:00Z"},{"value":"0.52396","scoring_system":"epss","scoring_elements":"0.97982","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=953729","reference_id":"953729","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=953729"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2013-1862.json","reference_id":"CVE-2013-1862","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2013-1862.json"},{"reference_url":"https://security.gentoo.org/glsa/201309-12","reference_id":"GLSA-201309-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0815","reference_id":"RHSA-2013:0815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1133","reference_id":"RHSA-2013:1133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1134","reference_id":"RHSA-2013:1134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1207","reference_id":"RHSA-2013:1207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1208","reference_id":"RHSA-2013:1208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1209","reference_id":"RHSA-2013:1209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1209"},{"reference_url":"https://usn.ubuntu.com/1903-1/","reference_id":"USN-1903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74976?format=json","purl":"pkg:apache/httpd@2.2.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.25"}],"aliases":["CVE-2013-1862"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m4t4-3fjk-s3gq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51064?format=json","vulnerability_id":"VCID-nn89-pb36-v7ds","summary":"Apache HTTP Server, prior to release 2.4.25 (and 2.2.32), accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated as whitespace and remained in the request field member \"the_request\", while a bare CR in the request header field name would be honored as whitespace, and a bare CR in the request header field value was retained the input headers array. Implied additional whitespace was accepted in the request line and prior to the ':' delimiter of any request header lines.\nRFC7230 Section 3.5 calls out some of these whitespace exceptions, and section 3.2.3 eliminated and clarified the role of implied whitespace in the grammer of this specification. Section 3.1.1 requires exactly one single SP between the method and request-target, and between the request-target and HTTP-version, followed immediately by a CRLF sequence. None of these fields permit any (unencoded) CTL character whatsoever. Section 3.2.4 explicitly disallowed any whitespace from the request header field prior to the ':' character, while Section 3.2 disallows all CTL characters in the request header line other than the HTAB character as whitespace.\nThese defects represent a security concern when httpd is participating in any chain of proxies or interacting with back-end application servers, either through mod_proxy or using conventional CGI mechanisms. In each case where one agent accepts such CTL characters and does not treat them as whitespace, there is the possiblity in a proxy chain of generating two responses from a server behind the uncautious proxy agent. In a sequence of two requests, this results in request A to the first proxy being interpreted as requests A + A' by the backend server, and if requests A and B were submitted to the first proxy in a keepalive connection, the proxy may interpret response A' as the response to request B, polluting the cache or potentially serving the A' content to a different downstream user-agent.\nThese defects are addressed with the release of Apache HTTP Server 2.4.25 and coordinated by a new directive; HttpProtocolOptions Strict which is the default behavior of 2.4.25 and later.\nBy toggling from 'Strict' behavior to 'Unsafe' behavior, some of the restrictions may be relaxed to allow some invalid HTTP/1.1 clients to communicate with the server, but this will reintroduce the possibility of the problems described in this assessment. Note that relaxing the behavior to 'Unsafe' will still not permit raw CTLs other than HTAB (where permitted), but will allow other RFC requirements to not be enforced, such as exactly two SP characters in the request line.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8743.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8743","reference_id":"","reference_type":"","scores":[{"value":"0.0978","scoring_system":"epss","scoring_elements":"0.931","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0978","scoring_system":"epss","scoring_elements":"0.93114","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0978","scoring_system":"epss","scoring_elements":"0.93107","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0978","scoring_system":"epss","scoring_elements":"0.93105","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0978","scoring_system":"epss","scoring_elements":"0.93111","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0978","scoring_system":"epss","scoring_elements":"0.9311","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8743"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406822","reference_id":"1406822","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406822"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2016-8743.json","reference_id":"CVE-2016-8743","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2016-8743.json"},{"reference_url":"https://security.gentoo.org/glsa/201701-36","reference_id":"GLSA-201701-36","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0906","reference_id":"RHSA-2017:0906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1161","reference_id":"RHSA-2017:1161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1413","reference_id":"RHSA-2017:1413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1414","reference_id":"RHSA-2017:1414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1415","reference_id":"RHSA-2017:1415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1721","reference_id":"RHSA-2017:1721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1721"},{"reference_url":"https://usn.ubuntu.com/3279-1/","reference_id":"USN-3279-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3279-1/"},{"reference_url":"https://usn.ubuntu.com/3373-1/","reference_id":"USN-3373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74994?format=json","purl":"pkg:apache/httpd@2.2.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-pj23-hhvw-6ucr"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-um53-bb17-93fp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.32"},{"url":"http://public2.vulnerablecode.io/api/packages/74993?format=json","purl":"pkg:apache/httpd@2.4.25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-3cam-1afg-9bdv"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-54u4-szhc-zycj"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5sf7-wq36-5ye3"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-62uq-vyd8-mfbt"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7bxa-rkrq-dyf7"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-eueu-bt2r-xfaa"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nxt8-4r1p-kuab"},{"vulnerability":"VCID-ny3v-m8gs-3bf2"},{"vulnerability":"VCID-pfpr-8td6-t7dc"},{"vulnerability":"VCID-pj23-hhvw-6ucr"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-t9kh-3weu-qugs"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-ykyn-menc-kbfa"},{"vulnerability":"VCID-yvfg-1nhp-qqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.25"}],"aliases":["CVE-2016-8743"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nn89-pb36-v7ds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51030?format=json","vulnerability_id":"VCID-pmn2-fj7y-ubha","summary":"A flaw was found in the handling of the scoreboard. An unprivileged child process could cause the parent process to crash at shutdown rather than terminate cleanly.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0031.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0031","reference_id":"","reference_type":"","scores":[{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77849","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77816","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77843","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.7784","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01499","scoring_system":"epss","scoring_elements":"0.81498","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01499","scoring_system":"epss","scoring_elements":"0.81482","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0031"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=773744","reference_id":"773744","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=773744"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt","reference_id":"CVE-2012-0031","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/41768.txt"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-0031.json","reference_id":"CVE-2012-0031","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-0031.json"},{"reference_url":"http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/","reference_id":"CVE-2012-0031","reference_type":"exploit","scores":[],"url":"http://www.halfdog.net/Security/2011/ApacheScoreboardInvalidFreeOnShutdown/"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0128","reference_id":"RHSA-2012:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0323","reference_id":"RHSA-2012:0323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74969?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-f4m5-bj25-pbhy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-m4t4-3fjk-s3gq"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-t8c4-wnuw-6bfd"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2012-0031"],"risk_score":4.2,"exploitability":"2.0","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pmn2-fj7y-ubha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6539?format=json","vulnerability_id":"VCID-ps1g-6hy7-87dr","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3167.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3167","reference_id":"","reference_type":"","scores":[{"value":"0.08717","scoring_system":"epss","scoring_elements":"0.92657","published_at":"2026-06-09T12:55:00Z"},{"value":"0.08717","scoring_system":"epss","scoring_elements":"0.92636","published_at":"2026-06-04T12:55:00Z"},{"value":"0.08717","scoring_system":"epss","scoring_elements":"0.9264","published_at":"2026-06-07T12:55:00Z"},{"value":"0.08717","scoring_system":"epss","scoring_elements":"0.92645","published_at":"2026-06-06T12:55:00Z"},{"value":"0.08717","scoring_system":"epss","scoring_elements":"0.92639","published_at":"2026-06-08T12:55:00Z"},{"value":"0.08717","scoring_system":"epss","scoring_elements":"0.92649","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"},{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463194","reference_id":"1463194","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1463194"},{"reference_url":"https://security.archlinux.org/ASA-201706-34","reference_id":"ASA-201706-34","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-34"},{"reference_url":"https://security.archlinux.org/AVG-316","reference_id":"AVG-316","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-316"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-3167.json","reference_id":"CVE-2017-3167","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-3167.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2478","reference_id":"RHSA-2017:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3475","reference_id":"RHSA-2017:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3476","reference_id":"RHSA-2017:3476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3477","reference_id":"RHSA-2017:3477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3477"},{"reference_url":"https://usn.ubuntu.com/3340-1/","reference_id":"USN-3340-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3340-1/"},{"reference_url":"https://usn.ubuntu.com/3373-1/","reference_id":"USN-3373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74995?format=json","purl":"pkg:apache/httpd@2.2.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-j5r1-q5tv-xqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34"},{"url":"http://public2.vulnerablecode.io/api/packages/74996?format=json","purl":"pkg:apache/httpd@2.4.26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-4e1g-urtc-9bd8"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-54u4-szhc-zycj"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5sf7-wq36-5ye3"},{"vulnerability":"VCID-62uq-vyd8-mfbt"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7bxa-rkrq-dyf7"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-eueu-bt2r-xfaa"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nxt8-4r1p-kuab"},{"vulnerability":"VCID-ny3v-m8gs-3bf2"},{"vulnerability":"VCID-pfpr-8td6-t7dc"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-t9kh-3weu-qugs"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-ykyn-menc-kbfa"},{"vulnerability":"VCID-yvfg-1nhp-qqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.26"}],"aliases":["CVE-2017-3167"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ps1g-6hy7-87dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51047?format=json","vulnerability_id":"VCID-rhy7-r84u-gbfc","summary":"A race condition was found in mod_status. An attacker able to access a public server status page on a server using a threaded MPM could send a carefully crafted request which could lead to a heap buffer overflow. Note that it is not a default or recommended configuration to have a public accessible server status page.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0226.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0226","reference_id":"","reference_type":"","scores":[{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98909","published_at":"2026-06-04T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98911","published_at":"2026-06-07T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98912","published_at":"2026-06-06T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.9891","published_at":"2026-06-08T12:55:00Z"},{"value":"0.75444","scoring_system":"epss","scoring_elements":"0.98908","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120603","reference_id":"1120603","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1120603"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2014-0226.json","reference_id":"CVE-2014-0226","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2014-0226.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt","reference_id":"CVE-2014-0226;OSVDB-109216","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34133.txt"},{"reference_url":"https://security.gentoo.org/glsa/201408-12","reference_id":"GLSA-201408-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-12"},{"reference_url":"https://security.gentoo.org/glsa/201504-03","reference_id":"GLSA-201504-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201504-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0920","reference_id":"RHSA-2014:0920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0921","reference_id":"RHSA-2014:0921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0922","reference_id":"RHSA-2014:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1019","reference_id":"RHSA-2014:1019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1020","reference_id":"RHSA-2014:1020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1021","reference_id":"RHSA-2014:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1086","reference_id":"RHSA-2014:1086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1087","reference_id":"RHSA-2014:1087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1088","reference_id":"RHSA-2014:1088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1088"},{"reference_url":"https://usn.ubuntu.com/2299-1/","reference_id":"USN-2299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2299-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74983?format=json","purl":"pkg:apache/httpd@2.2.29","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.29"},{"url":"http://public2.vulnerablecode.io/api/packages/74982?format=json","purl":"pkg:apache/httpd@2.4.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-875s-qd97-wbga"},{"vulnerability":"VCID-9hz8-j6ce-2bca"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-aj4u-27vr-9ugt"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-nyqj-yfjw-23dd"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-pzum-j7as-bkbk"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-tmjs-99hk-syat"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-x5nj-5bsv-aqeh"},{"vulnerability":"VCID-xd6e-12jd-pufb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.10"}],"aliases":["CVE-2014-0226"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rhy7-r84u-gbfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51023?format=json","vulnerability_id":"VCID-t1ad-c6y2-rueb","summary":"A flaw was found in the apr_fnmatch() function of the bundled APR library. Where mod_autoindex is enabled, and a directory indexed by mod_autoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could be used in a denial of service attack.\nWorkaround: Setting the 'IgnoreClient' option to the 'IndexOptions' directive disables processing of the client-supplied request query arguments, preventing this attack.\nResolution: Update APR to release 1.4.5 (bundled with httpd 2.2.19) or release 0.9.20 (bundled with httpd 2.0.65)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0419.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0419","reference_id":"","reference_type":"","scores":[{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.97814","published_at":"2026-06-04T12:55:00Z"},{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.97818","published_at":"2026-06-05T12:55:00Z"},{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.97819","published_at":"2026-06-06T12:55:00Z"},{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.9782","published_at":"2026-06-09T12:55:00Z"},{"value":"0.48782","scoring_system":"epss","scoring_elements":"0.97821","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0419"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=703390","reference_id":"703390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=703390"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2011-0419.json","reference_id":"CVE-2011-0419","reference_type":"","scores":[{"value":"moderate","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2011-0419.json"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php","reference_id":"CVE-2011-0419;OSVDB-73383","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35738.php"},{"reference_url":"https://www.securityfocus.com/bid/47820/info","reference_id":"CVE-2011-0419;OSVDB-73383","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/47820/info"},{"reference_url":"https://security.gentoo.org/glsa/201405-24","reference_id":"GLSA-201405-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0507","reference_id":"RHSA-2011:0507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0507"},{"reference_url":"https://usn.ubuntu.com/1134-1/","reference_id":"USN-1134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1134-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74966?format=json","purl":"pkg:apache/httpd@2.2.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5h45-6kty-ffhm"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-72zv-psyw-vbh7"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-cqa7-5n1m-4kem"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-da7f-7vn1-gffu"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-eb5e-gswe-r7ac"},{"vulnerability":"VCID-f4m5-bj25-pbhy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kb48-61na-cyap"},{"vulnerability":"VCID-m4t4-3fjk-s3gq"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-pmn2-fj7y-ubha"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-t8c4-wnuw-6bfd"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-wey2-jc8u-zudk"},{"vulnerability":"VCID-yqbj-upd2-fbc6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.19"}],"aliases":["CVE-2011-0419"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t1ad-c6y2-rueb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51032?format=json","vulnerability_id":"VCID-t8c4-wnuw-6bfd","summary":"Insecure handling of LD_LIBRARY_PATH was found that could lead to the current working directory to be searched for DSOs. This could allow a local user to execute code as root if an administrator runs apachectl from an untrusted directory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0883.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0883.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0883","reference_id":"","reference_type":"","scores":[{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.4156","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41477","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41553","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41508","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.4153","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41498","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0883"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=813559","reference_id":"813559","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=813559"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-0883.json","reference_id":"CVE-2012-0883","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-0883.json"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1594","reference_id":"RHSA-2012:1594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1594"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74971?format=json","purl":"pkg:apache/httpd@2.2.23","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-m4t4-3fjk-s3gq"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.23"},{"url":"http://public2.vulnerablecode.io/api/packages/74972?format=json","purl":"pkg:apache/httpd@2.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-26s8-29m8-s7cy"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-875s-qd97-wbga"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-9hz8-j6ce-2bca"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-ae9b-t3e7-hyhc"},{"vulnerability":"VCID-aj4u-27vr-9ugt"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-f4m5-bj25-pbhy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-nyqj-yfjw-23dd"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-pzum-j7as-bkbk"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-snas-xc79-mkge"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-xd6e-12jd-pufb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.2"}],"aliases":["CVE-2012-0883"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t8c4-wnuw-6bfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4527?format=json","vulnerability_id":"VCID-um53-bb17-93fp","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9788.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9788","reference_id":"","reference_type":"","scores":[{"value":"0.49498","scoring_system":"epss","scoring_elements":"0.97852","published_at":"2026-06-05T12:55:00Z"},{"value":"0.49498","scoring_system":"epss","scoring_elements":"0.97853","published_at":"2026-06-09T12:55:00Z"},{"value":"0.49498","scoring_system":"epss","scoring_elements":"0.97849","published_at":"2026-06-04T12:55:00Z"},{"value":"0.49498","scoring_system":"epss","scoring_elements":"0.97854","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9788"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:P"},{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470748","reference_id":"1470748","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470748"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467","reference_id":"868467","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868467"},{"reference_url":"https://security.archlinux.org/ASA-201707-15","reference_id":"ASA-201707-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-15"},{"reference_url":"https://security.archlinux.org/AVG-350","reference_id":"AVG-350","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-350"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2017-9788.json","reference_id":"CVE-2017-9788","reference_type":"","scores":[{"value":"important","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2017-9788.json"},{"reference_url":"https://security.gentoo.org/glsa/201710-32","reference_id":"GLSA-201710-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2478","reference_id":"RHSA-2017:2478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2479","reference_id":"RHSA-2017:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2483","reference_id":"RHSA-2017:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2708","reference_id":"RHSA-2017:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2709","reference_id":"RHSA-2017:2709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2710","reference_id":"RHSA-2017:2710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3193","reference_id":"RHSA-2017:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3194","reference_id":"RHSA-2017:3194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3195","reference_id":"RHSA-2017:3195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3239","reference_id":"RHSA-2017:3239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3240","reference_id":"RHSA-2017:3240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3240"},{"reference_url":"https://usn.ubuntu.com/3370-1/","reference_id":"USN-3370-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3370-1/"},{"reference_url":"https://usn.ubuntu.com/3370-2/","reference_id":"USN-3370-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3370-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74995?format=json","purl":"pkg:apache/httpd@2.2.34","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-j5r1-q5tv-xqcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.34"},{"url":"http://public2.vulnerablecode.io/api/packages/74997?format=json","purl":"pkg:apache/httpd@2.4.27","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-54u4-szhc-zycj"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5sf7-wq36-5ye3"},{"vulnerability":"VCID-62uq-vyd8-mfbt"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7bxa-rkrq-dyf7"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-eueu-bt2r-xfaa"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nxt8-4r1p-kuab"},{"vulnerability":"VCID-ny3v-m8gs-3bf2"},{"vulnerability":"VCID-pfpr-8td6-t7dc"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-t9kh-3weu-qugs"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"},{"vulnerability":"VCID-ykyn-menc-kbfa"},{"vulnerability":"VCID-yvfg-1nhp-qqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.27"}],"aliases":["CVE-2017-9788"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-um53-bb17-93fp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51055?format=json","vulnerability_id":"VCID-vb2q-wweb-37gz","summary":"An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3183","reference_id":"","reference_type":"","scores":[{"value":"0.24118","scoring_system":"epss","scoring_elements":"0.96171","published_at":"2026-06-04T12:55:00Z"},{"value":"0.24118","scoring_system":"epss","scoring_elements":"0.96177","published_at":"2026-06-05T12:55:00Z"},{"value":"0.24118","scoring_system":"epss","scoring_elements":"0.9618","published_at":"2026-06-08T12:55:00Z"},{"value":"0.24118","scoring_system":"epss","scoring_elements":"0.96186","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1243887","reference_id":"1243887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1243887"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2015-3183.json","reference_id":"CVE-2015-3183","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2015-3183.json"},{"reference_url":"https://security.gentoo.org/glsa/201610-02","reference_id":"GLSA-201610-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1666","reference_id":"RHSA-2015:1666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1666"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1667","reference_id":"RHSA-2015:1667","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1668","reference_id":"RHSA-2015:1668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1668"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2661","reference_id":"RHSA-2015:2661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2661"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0061","reference_id":"RHSA-2016:0061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0062","reference_id":"RHSA-2016:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2054","reference_id":"RHSA-2016:2054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2055","reference_id":"RHSA-2016:2055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2056","reference_id":"RHSA-2016:2056","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2056"},{"reference_url":"https://usn.ubuntu.com/2686-1/","reference_id":"USN-2686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2686-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74986?format=json","purl":"pkg:apache/httpd@2.2.31","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-um53-bb17-93fp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.31"},{"url":"http://public2.vulnerablecode.io/api/packages/74985?format=json","purl":"pkg:apache/httpd@2.4.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-2pj8-zfdd-tufx"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-52q8-y1bq-nqe2"},{"vulnerability":"VCID-5qj8-vuec-h3fg"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-68uu-wm68-zkfb"},{"vulnerability":"VCID-7pxa-tvz9-u7ht"},{"vulnerability":"VCID-7u6p-2mtv-33an"},{"vulnerability":"VCID-9q1t-7c6j-t3dh"},{"vulnerability":"VCID-aj4u-27vr-9ugt"},{"vulnerability":"VCID-bmyw-jdh2-17d3"},{"vulnerability":"VCID-bp2p-twzt-wkap"},{"vulnerability":"VCID-bzpc-s4tb-1yhg"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-hk7s-5xmv-1kca"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-kaw2-gdzq-4qdm"},{"vulnerability":"VCID-ndjs-6nmc-9yg1"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-nyqj-yfjw-23dd"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-pzum-j7as-bkbk"},{"vulnerability":"VCID-r4tp-y16c-57ak"},{"vulnerability":"VCID-saux-awas-mfau"},{"vulnerability":"VCID-t8aa-rv68-fkg5"},{"vulnerability":"VCID-tgwb-8x2b-abfy"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-wmmz-e7c5-1ye1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.4.16"}],"aliases":["CVE-2015-3183"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vb2q-wweb-37gz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51036?format=json","vulnerability_id":"VCID-wey2-jc8u-zudk","summary":"A flaw was found when mod_proxy_ajp connects to a backend server that takes too long to respond. Given a specific configuration, a remote attacker could send certain requests, putting a backend server into an error state until the retry timeout expired. This could lead to a temporary denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4557.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4557.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4557","reference_id":"","reference_type":"","scores":[{"value":"0.25967","scoring_system":"epss","scoring_elements":"0.96375","published_at":"2026-06-04T12:55:00Z"},{"value":"0.25967","scoring_system":"epss","scoring_elements":"0.96379","published_at":"2026-06-05T12:55:00Z"},{"value":"0.25967","scoring_system":"epss","scoring_elements":"0.96384","published_at":"2026-06-08T12:55:00Z"},{"value":"0.25967","scoring_system":"epss","scoring_elements":"0.96389","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4557"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4557"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=871685","reference_id":"871685","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=871685"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-4557.json","reference_id":"CVE-2012-4557","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-4557.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0512","reference_id":"RHSA-2013:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0512"},{"reference_url":"https://usn.ubuntu.com/1765-1/","reference_id":"USN-1765-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1765-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74969?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-f4m5-bj25-pbhy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-m4t4-3fjk-s3gq"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-t8c4-wnuw-6bfd"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2012-4557"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wey2-jc8u-zudk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51029?format=json","vulnerability_id":"VCID-yqbj-upd2-fbc6","summary":"A flaw was found in mod_log_config. If the '%{cookiename}C' log format string is in use, a remote attacker could send a specific cookie causing a crash. This crash would only be a denial of service if using a threaded MPM.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0021.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0021.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0021","reference_id":"","reference_type":"","scores":[{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.9699","published_at":"2026-06-06T12:55:00Z"},{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.96983","published_at":"2026-06-04T12:55:00Z"},{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.96988","published_at":"2026-06-05T12:55:00Z"},{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.96995","published_at":"2026-06-09T12:55:00Z"},{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.96992","published_at":"2026-06-07T12:55:00Z"},{"value":"0.3296","scoring_system":"epss","scoring_elements":"0.96991","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0021"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=785065","reference_id":"785065","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=785065"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2012-0021.json","reference_id":"CVE-2012-0021","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2012-0021.json"},{"reference_url":"https://security.gentoo.org/glsa/201206-25","reference_id":"GLSA-201206-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0542","reference_id":"RHSA-2012:0542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0543","reference_id":"RHSA-2012:0543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0543"},{"reference_url":"https://usn.ubuntu.com/1368-1/","reference_id":"USN-1368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74969?format=json","purl":"pkg:apache/httpd@2.2.22","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-189a-yyhy-q7ds"},{"vulnerability":"VCID-1cpt-rd7f-8qhk"},{"vulnerability":"VCID-1xb5-reys-d7fb"},{"vulnerability":"VCID-4yze-nb6e-8yav"},{"vulnerability":"VCID-5y32-wcg3-sybr"},{"vulnerability":"VCID-6b2z-q7qe-gbeg"},{"vulnerability":"VCID-7pxs-sc8s-8fg2"},{"vulnerability":"VCID-8qu7-pwaj-yqhq"},{"vulnerability":"VCID-b44m-f3y9-kqag"},{"vulnerability":"VCID-csqk-utue-9yeq"},{"vulnerability":"VCID-duan-fz4r-uydy"},{"vulnerability":"VCID-f4m5-bj25-pbhy"},{"vulnerability":"VCID-fg75-4dwv-9qb5"},{"vulnerability":"VCID-j5r1-q5tv-xqcp"},{"vulnerability":"VCID-m4t4-3fjk-s3gq"},{"vulnerability":"VCID-nn89-pb36-v7ds"},{"vulnerability":"VCID-ps1g-6hy7-87dr"},{"vulnerability":"VCID-rhy7-r84u-gbfc"},{"vulnerability":"VCID-t8c4-wnuw-6bfd"},{"vulnerability":"VCID-um53-bb17-93fp"},{"vulnerability":"VCID-vb2q-wweb-37gz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.22"}],"aliases":["CVE-2012-0021"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yqbj-upd2-fbc6"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:apache/httpd@2.2.18"}