{"url":"http://public2.vulnerablecode.io/api/packages/77884?format=json","purl":"pkg:ebuild/www-servers/apache@2.2.8","type":"ebuild","namespace":"www-servers","name":"apache","version":"2.2.8","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.2.9","latest_non_vulnerable_version":"2.4.62","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3700?format=json","vulnerability_id":"VCID-115r-fep2-fyfm","summary":"A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer is enabled, an authorized user could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6422.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6422.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6422","reference_id":"","reference_type":"","scores":[{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.902","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90155","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90158","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.9017","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90176","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90191","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90197","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90206","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05471","scoring_system":"epss","scoring_elements":"0.90205","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6422"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427230","reference_id":"427230","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427230"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2007-6422.json","reference_id":"CVE-2007-6422","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2007-6422.json"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77884?format=json","purl":"pkg:ebuild/www-servers/apache@2.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.2.8"}],"aliases":["CVE-2007-6422"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-115r-fep2-fyfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49478?format=json","vulnerability_id":"VCID-741u-yuv6-nkcy","summary":"Multiple vulnerabilities have been discovered in Apache.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0455.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0455.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0455","reference_id":"","reference_type":"","scores":[{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.9789","published_at":"2026-04-01T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97895","published_at":"2026-04-02T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97897","published_at":"2026-04-04T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.979","published_at":"2026-04-07T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97905","published_at":"2026-04-08T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97908","published_at":"2026-04-09T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97911","published_at":"2026-04-11T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97912","published_at":"2026-04-12T12:55:00Z"},{"value":"0.5197","scoring_system":"epss","scoring_elements":"0.97913","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0455"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0455","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0455"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=850794","reference_id":"850794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=850794"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31052.java","reference_id":"CVE-2008-0455;OSVDB-41019","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31052.java"},{"reference_url":"https://www.securityfocus.com/bid/27409/info","reference_id":"CVE-2008-0455;OSVDB-41019","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/27409/info"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1591","reference_id":"RHSA-2012:1591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1592","reference_id":"RHSA-2012:1592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1594","reference_id":"RHSA-2012:1594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0130","reference_id":"RHSA-2013:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0512","reference_id":"RHSA-2013:0512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0512"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77884?format=json","purl":"pkg:ebuild/www-servers/apache@2.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.2.8"}],"aliases":["CVE-2008-0455"],"risk_score":1.0,"exploitability":"2.0","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-741u-yuv6-nkcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49477?format=json","vulnerability_id":"VCID-d83x-xe6y-dufr","summary":"Multiple vulnerabilities have been discovered in Apache.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6203.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6203.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6203","reference_id":"","reference_type":"","scores":[{"value":"0.73143","scoring_system":"epss","scoring_elements":"0.98777","published_at":"2026-04-01T12:55:00Z"},{"value":"0.73143","scoring_system":"epss","scoring_elements":"0.98778","published_at":"2026-04-02T12:55:00Z"},{"value":"0.73143","scoring_system":"epss","scoring_elements":"0.98781","published_at":"2026-04-04T12:55:00Z"},{"value":"0.73143","scoring_system":"epss","scoring_elements":"0.98784","published_at":"2026-04-09T12:55:00Z"},{"value":"0.73143","scoring_system":"epss","scoring_elements":"0.98785","published_at":"2026-04-08T12:55:00Z"},{"value":"0.73543","scoring_system":"epss","scoring_elements":"0.98803","published_at":"2026-04-11T12:55:00Z"},{"value":"0.73543","scoring_system":"epss","scoring_elements":"0.98804","published_at":"2026-04-12T12:55:00Z"},{"value":"0.73543","scoring_system":"epss","scoring_elements":"0.98805","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=409831","reference_id":"409831","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=409831"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/30835.sh","reference_id":"CVE-2007-6203;OSVDB-39003","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/30835.sh"},{"reference_url":"https://www.securityfocus.com/bid/26663/info","reference_id":"CVE-2007-6203;OSVDB-39003","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/26663/info"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://usn.ubuntu.com/731-1/","reference_id":"USN-731-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/731-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77884?format=json","purl":"pkg:ebuild/www-servers/apache@2.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.2.8"}],"aliases":["CVE-2007-6203"],"risk_score":1.4,"exploitability":"2.0","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d83x-xe6y-dufr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3702?format=json","vulnerability_id":"VCID-hcjv-md55-3fcr","summary":"Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0456.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0456.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0456","reference_id":"","reference_type":"","scores":[{"value":"0.07199","scoring_system":"epss","scoring_elements":"0.91595","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07199","scoring_system":"epss","scoring_elements":"0.91554","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07199","scoring_system":"epss","scoring_elements":"0.91561","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07199","scoring_system":"epss","scoring_elements":"0.91567","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07199","scoring_system":"epss","scoring_elements":"0.91575","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07199","scoring_system":"epss","scoring_elements":"0.91588","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07643","scoring_system":"epss","scoring_elements":"0.91885","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07643","scoring_system":"epss","scoring_elements":"0.91888","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07643","scoring_system":"epss","scoring_elements":"0.91889","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0456"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0456","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0456"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=879292","reference_id":"879292","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=879292"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2008-0456.json","reference_id":"CVE-2008-0456","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2008-0456.json"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0130","reference_id":"RHSA-2013:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0130"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77884?format=json","purl":"pkg:ebuild/www-servers/apache@2.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.2.8"}],"aliases":["CVE-2008-0456"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hcjv-md55-3fcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3701?format=json","vulnerability_id":"VCID-ss79-kcpu-mqd5","summary":"A workaround was added in the mod_proxy_ftp module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0005.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0005","reference_id":"","reference_type":"","scores":[{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85758","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85683","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85695","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85713","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.8572","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85739","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.8575","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85765","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0265","scoring_system":"epss","scoring_elements":"0.85761","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=427739","reference_id":"427739","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=427739"},{"reference_url":"https://httpd.apache.org/security/json/CVE-2008-0005.json","reference_id":"CVE-2008-0005","reference_type":"","scores":[{"value":"low","scoring_system":"apache_httpd","scoring_elements":""}],"url":"https://httpd.apache.org/security/json/CVE-2008-0005.json"},{"reference_url":"https://security.gentoo.org/glsa/200803-19","reference_id":"GLSA-200803-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0004","reference_id":"RHSA-2008:0004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0005","reference_id":"RHSA-2008:0005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0006","reference_id":"RHSA-2008:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0007","reference_id":"RHSA-2008:0007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0008","reference_id":"RHSA-2008:0008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0008"},{"reference_url":"https://usn.ubuntu.com/575-1/","reference_id":"USN-575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/575-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77884?format=json","purl":"pkg:ebuild/www-servers/apache@2.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.2.8"}],"aliases":["CVE-2008-0005"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ss79-kcpu-mqd5"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/apache@2.2.8"}