{"url":"http://public2.vulnerablecode.io/api/packages/926753?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1?distro=trixie","type":"deb","namespace":"debian","name":"libapache2-mod-auth-mellon","version":"0.18.1-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.19.1-1","latest_non_vulnerable_version":"0.19.1-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86069?format=json","vulnerability_id":"VCID-93eu-h6xf-uuf7","summary":"mod_auth_mellon: remote memory disclosure flaw","references":[{"reference_url":"http://linux.oracle.com/errata/ELSA-2014-1803.html","reference_id":"","reference_type":"","scores":[],"url":"http://linux.oracle.com/errata/ELSA-2014-1803.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1803.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1803.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8566.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8566.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8566","reference_id":"","reference_type":"","scores":[{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76258","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.761","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76103","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76136","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76115","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76148","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76161","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76187","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76163","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.7616","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76202","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76205","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76188","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76227","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76237","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76249","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8566"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8566","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8566"},{"reference_url":"http://secunia.com/advisories/62094","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62094"},{"reference_url":"http://secunia.com/advisories/62125","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62125"},{"reference_url":"https://github.com/UNINETT/mod_auth_mellon/releases/tag/v0.8.1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/UNINETT/mod_auth_mellon/releases/tag/v0.8.1"},{"reference_url":"https://postlister.uninett.no/sympa/arc/modmellon/2014-11/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"https://postlister.uninett.no/sympa/arc/modmellon/2014-11/msg00000.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1157281","reference_id":"1157281","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1157281"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8566","reference_id":"CVE-2014-8566","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1803","reference_id":"RHSA-2014:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1803"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/926754?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.9.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.9.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926755?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926753?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926756?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1%3Fdistro=trixie"}],"aliases":["CVE-2014-8566"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-93eu-h6xf-uuf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84522?format=json","vulnerability_id":"VCID-a7h3-ujsg-vqhu","summary":"mod_auth_mellon: Cross-site session transfer vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6807.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6807.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6807","reference_id":"","reference_type":"","scores":[{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58278","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58364","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58384","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58358","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.5841","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58417","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58434","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58413","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58394","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58426","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.5843","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58408","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.5837","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58381","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58366","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58332","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6807"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1431670","reference_id":"1431670","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1431670"},{"reference_url":"https://usn.ubuntu.com/4597-1/","reference_id":"USN-4597-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4597-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/926759?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926755?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926753?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926756?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1%3Fdistro=trixie"}],"aliases":["CVE-2017-6807"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a7h3-ujsg-vqhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79403?format=json","vulnerability_id":"VCID-bbdx-48p2-4fhw","summary":"security update","references":[{"reference_url":"https://access.redhat.com/errata/RHBA-2019:0959","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHBA-2019:0959"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3878.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3878.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3878","reference_id":"","reference_type":"","scores":[{"value":"0.02011","scoring_system":"epss","scoring_elements":"0.83798","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02011","scoring_system":"epss","scoring_elements":"0.837","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02011","scoring_system":"epss","scoring_elements":"0.83735","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02011","scoring_system":"epss","scoring_elements":"0.83736","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02011","scoring_system":"epss","scoring_elements":"0.83737","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02011","scoring_system":"epss","scoring_elements":"0.83761","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02011","scoring_system":"epss","scoring_elements":"0.83769","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02011","scoring_system":"epss","scoring_elements":"0.83776","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02334","scoring_system":"epss","scoring_elements":"0.84832","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02334","scoring_system":"epss","scoring_elements":"0.84851","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02334","scoring_system":"epss","scoring_elements":"0.84848","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02334","scoring_system":"epss","scoring_elements":"0.84768","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02334","scoring_system":"epss","scoring_elements":"0.84802","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02334","scoring_system":"epss","scoring_elements":"0.84804","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02334","scoring_system":"epss","scoring_elements":"0.84826","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02334","scoring_system":"epss","scoring_elements":"0.84783","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3878"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3878","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3878"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3878","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3878"},{"reference_url":"https://github.com/Uninett/mod_auth_mellon/pull/196","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/Uninett/mod_auth_mellon/pull/196"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7NLAU7KROWNTHAYSA2S67X347F42L2I/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7NLAU7KROWNTHAYSA2S67X347F42L2I/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691126","reference_id":"1691126","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691126"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925197","reference_id":"925197","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925197"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:*:*:*:*:*:apache:*:*","reference_id":"cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:*:*:*:*:*:apache:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:*:*:*:*:*:apache:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3878","reference_id":"CVE-2019-3878","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0746","reference_id":"RHSA-2019:0746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0766","reference_id":"RHSA-2019:0766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0985","reference_id":"RHSA-2019:0985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0985"},{"reference_url":"https://usn.ubuntu.com/3924-1/","reference_id":"USN-3924-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3924-1/"},{"reference_url":"https://usn.ubuntu.com/4597-1/","reference_id":"USN-4597-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4597-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/926761?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.14.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.14.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926755?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926753?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926756?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-3878"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bbdx-48p2-4fhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85300?format=json","vulnerability_id":"VCID-bj59-cvh7-bkdg","summary":"mod_auth_mellon: Missing error check when calling ap_get_client_block()","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179085.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179085.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2145.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2145.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2145","reference_id":"","reference_type":"","scores":[{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74192","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74199","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.7407","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74075","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74102","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74074","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74106","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74121","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74143","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74125","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74118","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74157","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74166","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74156","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.74191","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00804","scoring_system":"epss","scoring_elements":"0.742","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2145"},{"reference_url":"https://github.com/UNINETT/mod_auth_mellon/pull/71","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/UNINETT/mod_auth_mellon/pull/71"},{"reference_url":"https://sympa.uninett.no/lists/uninett.no/arc/modmellon/2016-03/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"https://sympa.uninett.no/lists/uninett.no/arc/modmellon/2016-03/msg00000.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315739","reference_id":"1315739","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315739"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2145","reference_id":"CVE-2016-2145","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2145"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/926758?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926755?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926753?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926756?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2145"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bj59-cvh7-bkdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82466?format=json","vulnerability_id":"VCID-hb2c-3rxv-3kgk","summary":"mod_auth_mellon: Open Redirect via the login?ReturnTo= substring which could facilitate information theft","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13038.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13038.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13038","reference_id":"","reference_type":"","scores":[{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68814","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68786","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68796","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68775","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68823","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68829","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68836","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69105","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69076","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69009","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69027","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69047","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69028","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69078","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69097","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.6912","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13038"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13038","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13038"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1725740","reference_id":"1725740","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1725740"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931265","reference_id":"931265","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1003","reference_id":"RHSA-2020:1003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1660","reference_id":"RHSA-2020:1660","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1660"},{"reference_url":"https://usn.ubuntu.com/4291-1/","reference_id":"USN-4291-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4291-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/926760?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.15.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.15.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926755?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926753?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926756?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-13038"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hb2c-3rxv-3kgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80125?format=json","vulnerability_id":"VCID-q6td-hjpx-uyba","summary":"mod_auth_mellon: Open Redirect vulnerability in logout URLs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3639.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3639.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3639","reference_id":"","reference_type":"","scores":[{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41368","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.4146","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41487","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41415","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41464","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41473","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41494","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41462","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41447","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.4149","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41389","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.4128","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41275","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41196","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41059","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3639"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3639","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3639"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1980648","reference_id":"1980648","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1980648"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991730","reference_id":"991730","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991730"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1934","reference_id":"RHSA-2022:1934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1934"},{"reference_url":"https://usn.ubuntu.com/5069-1/","reference_id":"USN-5069-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5069-1/"},{"reference_url":"https://usn.ubuntu.com/5069-2/","reference_id":"USN-5069-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5069-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/926755?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926762?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.18.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.18.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926753?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926756?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1%3Fdistro=trixie"}],"aliases":["CVE-2021-3639"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q6td-hjpx-uyba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86070?format=json","vulnerability_id":"VCID-swf4-zhn8-57fg","summary":"mod_auth_mellon: logout processing leads to denial of service","references":[{"reference_url":"http://linux.oracle.com/errata/ELSA-2014-1803.html","reference_id":"","reference_type":"","scores":[],"url":"http://linux.oracle.com/errata/ELSA-2014-1803.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1803.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-1803.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8567.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8567.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8567","reference_id":"","reference_type":"","scores":[{"value":"0.03599","scoring_system":"epss","scoring_elements":"0.87818","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03599","scoring_system":"epss","scoring_elements":"0.878","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03599","scoring_system":"epss","scoring_elements":"0.87807","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03599","scoring_system":"epss","scoring_elements":"0.87804","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03824","scoring_system":"epss","scoring_elements":"0.88128","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03824","scoring_system":"epss","scoring_elements":"0.88134","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03824","scoring_system":"epss","scoring_elements":"0.88143","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03824","scoring_system":"epss","scoring_elements":"0.88078","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03824","scoring_system":"epss","scoring_elements":"0.88137","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03824","scoring_system":"epss","scoring_elements":"0.8815","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03824","scoring_system":"epss","scoring_elements":"0.88148","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03824","scoring_system":"epss","scoring_elements":"0.88136","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03824","scoring_system":"epss","scoring_elements":"0.88087","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03824","scoring_system":"epss","scoring_elements":"0.88103","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03824","scoring_system":"epss","scoring_elements":"0.88108","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8567"},{"reference_url":"http://secunia.com/advisories/62094","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62094"},{"reference_url":"http://secunia.com/advisories/62125","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62125"},{"reference_url":"https://github.com/UNINETT/mod_auth_mellon/commit/0f5b4fd860fa7e3a6c47201637aab05395f32647","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/UNINETT/mod_auth_mellon/commit/0f5b4fd860fa7e3a6c47201637aab05395f32647"},{"reference_url":"https://postlister.uninett.no/sympa/arc/modmellon/2014-11/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"https://postlister.uninett.no/sympa/arc/modmellon/2014-11/msg00000.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1157954","reference_id":"1157954","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1157954"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8567","reference_id":"CVE-2014-8567","reference_type":"","scores":[{"value":"9.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-8567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1803","reference_id":"RHSA-2014:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1803"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/926757?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.9.0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.9.0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926755?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926753?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926756?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1%3Fdistro=trixie"}],"aliases":["CVE-2014-8567"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-swf4-zhn8-57fg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79402?format=json","vulnerability_id":"VCID-tbkm-srgg-67g7","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3877.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3877.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3877","reference_id":"","reference_type":"","scores":[{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74194","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74315","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74314","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74323","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74322","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74199","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74226","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74231","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74246","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74268","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74242","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74279","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74289","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00811","scoring_system":"epss","scoring_elements":"0.74281","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3877"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3877","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3878","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3878"},{"reference_url":"https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8"},{"reference_url":"https://github.com/Uninett/mod_auth_mellon/issues/35","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/Uninett/mod_auth_mellon/issues/35"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7NLAU7KROWNTHAYSA2S67X347F42L2I/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7NLAU7KROWNTHAYSA2S67X347F42L2I/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691125","reference_id":"1691125","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691125"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:*:*:*:*:*:apache:*:*","reference_id":"cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:*:*:*:*:*:apache:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:*:*:*:*:*:apache:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3877","reference_id":"CVE-2019-3877","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0766","reference_id":"RHSA-2019:0766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3421","reference_id":"RHSA-2019:3421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3421"},{"reference_url":"https://usn.ubuntu.com/3924-1/","reference_id":"USN-3924-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3924-1/"},{"reference_url":"https://usn.ubuntu.com/4597-1/","reference_id":"USN-4597-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4597-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/926761?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.14.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.14.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926755?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926753?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926756?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-3877"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tbkm-srgg-67g7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85301?format=json","vulnerability_id":"VCID-z18x-abc1-nyek","summary":"mod_auth_mellon: Failure to limit amount of POST data submitted by client","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179085.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179085.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2146.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2146.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2146","reference_id":"","reference_type":"","scores":[{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70879","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70897","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70746","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70761","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70779","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70755","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70799","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70815","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70838","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70822","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70806","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70852","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70858","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70836","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70889","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00649","scoring_system":"epss","scoring_elements":"0.70899","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2146"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2146","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2146"},{"reference_url":"https://github.com/UNINETT/mod_auth_mellon/pull/71","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/UNINETT/mod_auth_mellon/pull/71"},{"reference_url":"https://sympa.uninett.no/lists/uninett.no/arc/modmellon/2016-03/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"https://sympa.uninett.no/lists/uninett.no/arc/modmellon/2016-03/msg00000.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315747","reference_id":"1315747","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315747"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uninett:mod_auth_mellon:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2146","reference_id":"CVE-2016-2146","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2146"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/926758?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.12.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926755?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.17.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926753?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/926756?format=json","purl":"pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.19.1-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2146"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z18x-abc1-nyek"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache2-mod-auth-mellon@0.18.1-1%3Fdistro=trixie"}