{"url":"http://public2.vulnerablecode.io/api/packages/929454?format=json","purl":"pkg:deb/debian/lighttpd@1.4.16-1?distro=trixie","type":"deb","namespace":"debian","name":"lighttpd","version":"1.4.16-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.4.18-1","latest_non_vulnerable_version":"1.4.82-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49216?format=json","vulnerability_id":"VCID-483h-5atk-dfgs","summary":"Several vulnerabilities were reported in Lighttpd, most of them allowing a\n    Denial of Service and potentially the remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3947","reference_id":"","reference_type":"","scores":[{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94866","published_at":"2026-04-01T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94875","published_at":"2026-04-02T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94878","published_at":"2026-04-04T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.9488","published_at":"2026-04-07T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94888","published_at":"2026-04-08T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94893","published_at":"2026-04-09T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94897","published_at":"2026-04-11T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94899","published_at":"2026-04-12T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94901","published_at":"2026-04-13T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94908","published_at":"2026-04-16T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94912","published_at":"2026-04-18T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94915","published_at":"2026-04-29T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94916","published_at":"2026-04-26T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94923","published_at":"2026-05-05T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.9493","published_at":"2026-05-07T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94939","published_at":"2026-05-09T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94945","published_at":"2026-05-11T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.9495","published_at":"2026-05-12T12:55:00Z"},{"value":"0.16486","scoring_system":"epss","scoring_elements":"0.94961","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3947"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428368","reference_id":"428368","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428368"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/30322.rb","reference_id":"CVE-2007-3947;OSVDB-38313","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/30322.rb"},{"reference_url":"https://www.securityfocus.com/bid/24967/info","reference_id":"CVE-2007-3947;OSVDB-38313","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/24967/info"},{"reference_url":"https://security.gentoo.org/glsa/200708-11","reference_id":"GLSA-200708-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200708-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/929454?format=json","purl":"pkg:deb/debian/lighttpd@1.4.16-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.16-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929451?format=json","purl":"pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929449?format=json","purl":"pkg:deb/debian/lighttpd@1.4.69-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.69-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929453?format=json","purl":"pkg:deb/debian/lighttpd@1.4.79-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.79-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929452?format=json","purl":"pkg:deb/debian/lighttpd@1.4.82-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.82-2%3Fdistro=trixie"}],"aliases":["CVE-2007-3947"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-483h-5atk-dfgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49218?format=json","vulnerability_id":"VCID-a11f-ydyr-6bcd","summary":"Several vulnerabilities were reported in Lighttpd, most of them allowing a\n    Denial of Service and potentially the remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3949","reference_id":"","reference_type":"","scores":[{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69632","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69645","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.6966","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69638","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69689","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69706","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69728","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69713","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.697","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.6974","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69749","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.6973","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69781","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69789","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69794","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69769","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69812","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69842","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69838","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.69888","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3949"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3949"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888","reference_id":"434888","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888"},{"reference_url":"https://security.gentoo.org/glsa/200708-11","reference_id":"GLSA-200708-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200708-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/929454?format=json","purl":"pkg:deb/debian/lighttpd@1.4.16-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.16-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929451?format=json","purl":"pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929449?format=json","purl":"pkg:deb/debian/lighttpd@1.4.69-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.69-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929453?format=json","purl":"pkg:deb/debian/lighttpd@1.4.79-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.79-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929452?format=json","purl":"pkg:deb/debian/lighttpd@1.4.82-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.82-2%3Fdistro=trixie"}],"aliases":["CVE-2007-3949"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a11f-ydyr-6bcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49215?format=json","vulnerability_id":"VCID-mmey-1ydv-nfha","summary":"Several vulnerabilities were reported in Lighttpd, most of them allowing a\n    Denial of Service and potentially the remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3946","reference_id":"","reference_type":"","scores":[{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89308","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89313","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89326","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89328","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89345","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89349","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89358","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89354","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89351","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89365","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89362","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89379","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89384","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89387","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89396","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89414","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89427","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89426","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89436","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04694","scoring_system":"epss","scoring_elements":"0.89457","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3946"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888","reference_id":"434888","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888"},{"reference_url":"https://security.gentoo.org/glsa/200708-11","reference_id":"GLSA-200708-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200708-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/929454?format=json","purl":"pkg:deb/debian/lighttpd@1.4.16-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.16-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929451?format=json","purl":"pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929449?format=json","purl":"pkg:deb/debian/lighttpd@1.4.69-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.69-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929453?format=json","purl":"pkg:deb/debian/lighttpd@1.4.79-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.79-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929452?format=json","purl":"pkg:deb/debian/lighttpd@1.4.82-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.82-2%3Fdistro=trixie"}],"aliases":["CVE-2007-3946"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mmey-1ydv-nfha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49217?format=json","vulnerability_id":"VCID-rjf6-heyy-5kce","summary":"Several vulnerabilities were reported in Lighttpd, most of them allowing a\n    Denial of Service and potentially the remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3948","reference_id":"","reference_type":"","scores":[{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83527","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.8354","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83554","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83555","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83579","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83588","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83603","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83597","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83593","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83627","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83628","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83653","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.8366","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83663","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0244","scoring_system":"epss","scoring_elements":"0.8524","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0244","scoring_system":"epss","scoring_elements":"0.85266","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0244","scoring_system":"epss","scoring_elements":"0.85286","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0244","scoring_system":"epss","scoring_elements":"0.8528","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0244","scoring_system":"epss","scoring_elements":"0.85295","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0244","scoring_system":"epss","scoring_elements":"0.85331","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3948"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888","reference_id":"434888","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888"},{"reference_url":"https://security.gentoo.org/glsa/200708-11","reference_id":"GLSA-200708-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200708-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/929454?format=json","purl":"pkg:deb/debian/lighttpd@1.4.16-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.16-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929451?format=json","purl":"pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929449?format=json","purl":"pkg:deb/debian/lighttpd@1.4.69-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.69-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929453?format=json","purl":"pkg:deb/debian/lighttpd@1.4.79-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.79-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929452?format=json","purl":"pkg:deb/debian/lighttpd@1.4.82-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.82-2%3Fdistro=trixie"}],"aliases":["CVE-2007-3948"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rjf6-heyy-5kce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49219?format=json","vulnerability_id":"VCID-rjpt-cjmu-43fu","summary":"Several vulnerabilities were reported in Lighttpd, most of them allowing a\n    Denial of Service and potentially the remote execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3950","reference_id":"","reference_type":"","scores":[{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82509","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82523","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82538","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82535","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82561","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82569","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82587","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82581","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82575","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82611","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82612","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82616","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82637","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82647","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01754","scoring_system":"epss","scoring_elements":"0.82653","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84355","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.8438","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84397","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84395","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84412","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84444","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3950"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888","reference_id":"434888","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888"},{"reference_url":"https://security.gentoo.org/glsa/200708-11","reference_id":"GLSA-200708-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200708-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/929454?format=json","purl":"pkg:deb/debian/lighttpd@1.4.16-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.16-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929451?format=json","purl":"pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929449?format=json","purl":"pkg:deb/debian/lighttpd@1.4.69-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.69-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929453?format=json","purl":"pkg:deb/debian/lighttpd@1.4.79-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.79-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929452?format=json","purl":"pkg:deb/debian/lighttpd@1.4.82-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.82-2%3Fdistro=trixie"}],"aliases":["CVE-2007-3950"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rjpt-cjmu-43fu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.16-1%3Fdistro=trixie"}