Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/nginx@0?distro=trixie

Type deb

Namespace debian

Name nginx

Version 0

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 0.7.61-3

Latest_non_vulnerable_version 1.28.3-2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-49q7-zqwm-hqgx

vulnerability_id VCID-49q7-zqwm-hqgx

summary Vulnerabilities with Windows directory aliases

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4963

reference_id

reference_type

scores

value	0.0031
scoring_system	epss
scoring_elements	0.54184
published_at	2026-04-13T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54102
published_at	2026-04-01T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54119
published_at	2026-04-02T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54148
published_at	2026-04-04T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54124
published_at	2026-04-07T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54175
published_at	2026-04-08T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54173
published_at	2026-04-09T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54222
published_at	2026-04-11T12:55:00Z

value	0.0031
scoring_system	epss
scoring_elements	0.54205
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4963

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2011-4963
reference_id	CVE-2011-4963
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2011-4963

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2011-4963

risk_score 1.8

exploitability 0.5

weighted_severity 3.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-49q7-zqwm-hqgx

url VCID-8mzu-swrb-sqd8

vulnerability_id VCID-8mzu-swrb-sqd8

summary Buffer overwrite in HTTP/3

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32760.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32760.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-32760

reference_id

reference_type

scores

value	0.00483
scoring_system	epss
scoring_elements	0.65228
published_at	2026-04-13T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65256
published_at	2026-04-12T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65268
published_at	2026-04-11T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.6525
published_at	2026-04-09T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65238
published_at	2026-04-08T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65188
published_at	2026-04-07T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65197
published_at	2026-04-02T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65222
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-32760

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2283933
reference_id	2283933
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2283933

reference_url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:25:43Z/

url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2024-32760
reference_id	CVE-2024-32760
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2024-32760

reference_url

https://my.f5.com/manage/s/article/K000139609

reference_id

K000139609

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:25:43Z/

url

https://my.f5.com/manage/s/article/K000139609

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_id

MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:25:43Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

reference_id

R7RPLWC35WHEUFCGKNFG62ESNID25TEZ

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:25:43Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
purl	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-32760

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8mzu-swrb-sqd8

url VCID-9kx7-1dn9-dbdt

vulnerability_id VCID-9kx7-1dn9-dbdt

summary Stack-based buffer overflow with specially crafted request

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105176.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105176.html

reference_url	http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html
reference_id
reference_type
scores
url	http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html

reference_url	http://nginx.org/download/patch.2013.chunked.txt
reference_id
reference_type
scores
url	http://nginx.org/download/patch.2013.chunked.txt

reference_url	http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/121675/Nginx-1.3.9-1.4.0-Denial-Of-Service.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-2028

reference_id

reference_type

scores

value	0.93039
scoring_system	epss
scoring_elements	0.99787
published_at	2026-04-13T12:55:00Z

value	0.93137
scoring_system	epss
scoring_elements	0.99795
published_at	2026-04-04T12:55:00Z

value	0.93137
scoring_system	epss
scoring_elements	0.99796
published_at	2026-04-08T12:55:00Z

value	0.93137
scoring_system	epss
scoring_elements	0.99797
published_at	2026-04-09T12:55:00Z

value	0.93137
scoring_system	epss
scoring_elements	0.99794
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2028

reference_url	http://secunia.com/advisories/55181
reference_id
reference_type
scores
url	http://secunia.com/advisories/55181

reference_url	http://security.gentoo.org/glsa/glsa-201310-04.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-201310-04.xml

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/rapid7/metasploit-framework/pull/1834
reference_id
reference_type
scores
url	https://github.com/rapid7/metasploit-framework/pull/1834

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html

reference_url	https://nginx.org/download/patch.2013.chunked.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.chunked.txt

reference_url	https://nginx.org/download/patch.2013.chunked.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2013.chunked.txt.asc

reference_url	http://www.osvdb.org/93037
reference_id
reference_type
scores
url	http://www.osvdb.org/93037

reference_url	http://www.securityfocus.com/bid/59699
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/59699

reference_url	http://www.vnsecurity.net/2013/05/analysis-of-nginx-cve-2013-2028/
reference_id
reference_type
scores
url	http://www.vnsecurity.net/2013/05/analysis-of-nginx-cve-2013-2028/

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::
reference_id	cpe:2.3:a:f5:nginx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:::::::*

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86-64/remote/32277.txt
reference_id	CVE-2013-2028
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86-64/remote/32277.txt

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-2028

reference_id

CVE-2013-2028

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2013-2028

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/25499.py
reference_id	CVE-2013-2028;OSVDB-93037
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/25499.py

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25775.rb
reference_id	CVE-2013-2028;OSVDB-93037
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25775.rb

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/remote/26737.pl
reference_id	CVE-2013-2028;OSVDB-93037
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux_x86/remote/26737.pl

reference_url	https://security.gentoo.org/glsa/201310-04
reference_id	GLSA-201310-04
reference_type
scores
url	https://security.gentoo.org/glsa/201310-04

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2013-2028

risk_score 10.0

exploitability 2.0

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9kx7-1dn9-dbdt

url VCID-k9vm-jbxf-dbf8

vulnerability_id VCID-k9vm-jbxf-dbf8

summary Stack overflow and use-after-free in HTTP/3

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31079.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31079.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-31079

reference_id

reference_type

scores

value	0.00483
scoring_system	epss
scoring_elements	0.65228
published_at	2026-04-13T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65256
published_at	2026-04-12T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65268
published_at	2026-04-11T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.6525
published_at	2026-04-09T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65238
published_at	2026-04-08T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65188
published_at	2026-04-07T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65197
published_at	2026-04-02T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65222
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-31079

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2283940
reference_id	2283940
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2283940

reference_url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/

url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2024-31079
reference_id	CVE-2024-31079
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2024-31079

reference_url

https://my.f5.com/manage/s/article/K000139611

reference_id

K000139611

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/

url

https://my.f5.com/manage/s/article/K000139611

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_id

MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

reference_id

R7RPLWC35WHEUFCGKNFG62ESNID25TEZ

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:38:41Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
purl	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-31079

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k9vm-jbxf-dbf8

url VCID-n3pn-h7s7-nfd4

vulnerability_id VCID-n3pn-h7s7-nfd4

summary Use-after-free in HTTP/3

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24990.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24990.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-24990

reference_id

reference_type

scores

value	0.00182
scoring_system	epss
scoring_elements	0.39902
published_at	2026-04-13T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39879
published_at	2026-04-07T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39934
published_at	2026-04-08T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39948
published_at	2026-04-09T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39958
published_at	2026-04-11T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39922
published_at	2026-04-12T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39929
published_at	2026-04-02T12:55:00Z

value	0.00182
scoring_system	epss
scoring_elements	0.39956
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-24990

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2264298
reference_id	2264298
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2264298

reference_url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:18:51Z/

url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2024-24990
reference_id	CVE-2024-24990
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2024-24990

reference_url	https://security.gentoo.org/glsa/202409-32
reference_id	GLSA-202409-32
reference_type
scores
url	https://security.gentoo.org/glsa/202409-32

reference_url

https://my.f5.com/manage/s/article/K000138445

reference_id

K000138445

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:18:51Z/

url

https://my.f5.com/manage/s/article/K000138445

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.26.0-1?distro=trixie
purl	pkg:deb/debian/nginx@1.26.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-24990

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n3pn-h7s7-nfd4

url VCID-p1nx-cfx1-jqh3

vulnerability_id VCID-p1nx-cfx1-jqh3

summary SPDY memory corruption

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0088.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0088.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0088

reference_id

reference_type

scores

value	0.02642
scoring_system	epss
scoring_elements	0.85643
published_at	2026-04-01T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85655
published_at	2026-04-02T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85673
published_at	2026-04-04T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.8568
published_at	2026-04-07T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85699
published_at	2026-04-08T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.8571
published_at	2026-04-09T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85725
published_at	2026-04-11T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85721
published_at	2026-04-12T12:55:00Z

value	0.02642
scoring_system	epss
scoring_elements	0.85718
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0088

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2014/000132.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2014/000132.html

reference_url	https://nginx.org/download/patch.2014.spdy.txt
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2014.spdy.txt

reference_url	https://nginx.org/download/patch.2014.spdy.txt.asc
reference_id
reference_type
scores
url	https://nginx.org/download/patch.2014.spdy.txt.asc

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1072546
reference_id	1072546
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1072546

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2014-0088
reference_id	CVE-2014-0088
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2014-0088

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2014-0088

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p1nx-cfx1-jqh3

url VCID-pchd-6b6f-myds

vulnerability_id VCID-pchd-6b6f-myds

summary Memory disclosure in HTTP/3

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34161.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34161.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-34161

reference_id

reference_type

scores

value	0.00719
scoring_system	epss
scoring_elements	0.72456
published_at	2026-04-13T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72466
published_at	2026-04-12T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72484
published_at	2026-04-11T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72461
published_at	2026-04-09T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72448
published_at	2026-04-08T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.7241
published_at	2026-04-07T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72415
published_at	2026-04-02T12:55:00Z

value	0.00719
scoring_system	epss
scoring_elements	0.72433
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-34161

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2283926
reference_id	2283926
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2283926

reference_url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/

url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2024-34161
reference_id	CVE-2024-34161
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2024-34161

reference_url

https://my.f5.com/manage/s/article/K000139627

reference_id

K000139627

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/

url

https://my.f5.com/manage/s/article/K000139627

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_id

MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

reference_id

R7RPLWC35WHEUFCGKNFG62ESNID25TEZ

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:37:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
purl	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-34161

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pchd-6b6f-myds

url VCID-pq29-p7wp-bqe3

vulnerability_id VCID-pq29-p7wp-bqe3

summary NULL pointer dereference in HTTP/3

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35200.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-35200.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-35200

reference_id

reference_type

scores

value	0.00433
scoring_system	epss
scoring_elements	0.62807
published_at	2026-04-13T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.6283
published_at	2026-04-12T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.62841
published_at	2026-04-11T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.62823
published_at	2026-04-09T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.62806
published_at	2026-04-08T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.62755
published_at	2026-04-07T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.62761
published_at	2026-04-02T12:55:00Z

value	0.00433
scoring_system	epss
scoring_elements	0.62791
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-35200

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_id

reference_type

scores

value	medium
scoring_system	generic_textual
scoring_elements

url

https://mailman.nginx.org/pipermail/nginx-announce/2024/GMY32CSHFH6VFTN76HJNX7WNEX4RLHF6.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2283919
reference_id	2283919
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2283919

reference_url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/

url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2024-35200
reference_id	CVE-2024-35200
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2024-35200

reference_url

https://my.f5.com/manage/s/article/K000139612

reference_id

K000139612

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/

url

https://my.f5.com/manage/s/article/K000139612

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_id

MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MLAOKJWDALQZBIV3WKGPJ6T5Z56D3PRD/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

reference_id

R7RPLWC35WHEUFCGKNFG62ESNID25TEZ

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-29T18:35:12Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7RPLWC35WHEUFCGKNFG62ESNID25TEZ/

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
purl	pkg:deb/debian/nginx@1.26.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-2%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-35200

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pq29-p7wp-bqe3

url VCID-r6yw-nrv5-aycy

vulnerability_id VCID-r6yw-nrv5-aycy

summary Vulnerabilities with Windows file default stream

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2263

reference_id

reference_type

scores

value	0.44217
scoring_system	epss
scoring_elements	0.9755
published_at	2026-04-13T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97526
published_at	2026-04-01T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97532
published_at	2026-04-02T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97535
published_at	2026-04-04T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97536
published_at	2026-04-07T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97542
published_at	2026-04-08T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97543
published_at	2026-04-09T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97546
published_at	2026-04-11T12:55:00Z

value	0.44217
scoring_system	epss
scoring_elements	0.97549
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2263

reference_url	http://spa-s3c.blogspot.com/2010/06/full-responsible-disclosurenginx-engine.html
reference_id
reference_type
scores
url	http://spa-s3c.blogspot.com/2010/06/full-responsible-disclosurenginx-engine.html

reference_url	http://www.exploit-db.com/exploits/13818
reference_id
reference_type
scores
url	http://www.exploit-db.com/exploits/13818

reference_url	http://www.exploit-db.com/exploits/13822
reference_id
reference_type
scores
url	http://www.exploit-db.com/exploits/13822

reference_url	http://www.securityfocus.com/bid/40760
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/40760

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::
reference_id	cpe:2.3:a:f5:nginx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:::::::*
reference_id	cpe:2.3:o:microsoft:windows:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-2263

reference_id

CVE-2010-2263

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2010-2263

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13822.txt
reference_id	CVE-2010-2263;OSVDB-65531
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13822.txt

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13818.txt
reference_id	CVE-2010-2266;CVE-2010-2263;OSVDB-65531;OSVDB-65530
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/13818.txt

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2010-2263

risk_score 9.0

exploitability 2.0

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r6yw-nrv5-aycy

url VCID-saph-cq2z-ubga

vulnerability_id VCID-saph-cq2z-ubga

summary NULL pointer dereference in HTTP/3

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24989.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24989.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-24989

reference_id

reference_type

scores

value	0.00646
scoring_system	epss
scoring_elements	0.70708
published_at	2026-04-13T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70656
published_at	2026-04-07T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70701
published_at	2026-04-08T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70717
published_at	2026-04-09T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.7074
published_at	2026-04-11T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70724
published_at	2026-04-12T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.7066
published_at	2026-04-02T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.70678
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-24989

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html
reference_id
reference_type
scores
url	https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2264290
reference_id	2264290
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2264290

reference_url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:42:02Z/

url

http://www.openwall.com/lists/oss-security/2024/05/30/4

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2024-24989
reference_id	CVE-2024-24989
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2024-24989

reference_url	https://security.gentoo.org/glsa/202409-32
reference_id	GLSA-202409-32
reference_type
scores
url	https://security.gentoo.org/glsa/202409-32

reference_url

https://my.f5.com/manage/s/article/K000138444

reference_id

K000138444

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:42:02Z/

url

https://my.f5.com/manage/s/article/K000138444

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.26.0-1?distro=trixie
purl	pkg:deb/debian/nginx@1.26.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.0-1%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-24989

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-saph-cq2z-ubga

url VCID-su8w-6wa4-u3gp

vulnerability_id VCID-su8w-6wa4-u3gp

summary Vulnerabilities with invalid UTF-8 sequence on Windows

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2266

reference_id

reference_type

scores

value	0.07262
scoring_system	epss
scoring_elements	0.9164
published_at	2026-04-13T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91598
published_at	2026-04-01T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91605
published_at	2026-04-02T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91611
published_at	2026-04-04T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91619
published_at	2026-04-07T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91631
published_at	2026-04-08T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91638
published_at	2026-04-09T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91641
published_at	2026-04-11T12:55:00Z

value	0.07262
scoring_system	epss
scoring_elements	0.91643
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2266

reference_url	http://www.exploit-db.com/exploits/13818/
reference_id
reference_type
scores
url	http://www.exploit-db.com/exploits/13818/

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::
reference_id	cpe:2.3:a:f5:nginx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:f5:nginx::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-2266

reference_id

CVE-2010-2266

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-2266

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2010-2266

risk_score 9.0

exploitability 2.0

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-su8w-6wa4-u3gp

url VCID-w6nj-1hnj-kbf6

vulnerability_id VCID-w6nj-1hnj-kbf6

summary When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-39792

reference_id

reference_type

scores

value	0.01364
scoring_system	epss
scoring_elements	0.80177
published_at	2026-04-13T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.80181
published_at	2026-04-09T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.802
published_at	2026-04-11T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.80185
published_at	2026-04-12T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.80136
published_at	2026-04-02T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.80156
published_at	2026-04-04T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.80144
published_at	2026-04-07T12:55:00Z

value	0.01364
scoring_system	epss
scoring_elements	0.80173
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-39792

reference_url

https://my.f5.com/manage/s/article/K000140108

reference_id

K000140108

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	8.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-15T13:59:03Z/

url

https://my.f5.com/manage/s/article/K000140108

fixed_packages

url	pkg:deb/debian/nginx@0?distro=trixie
purl	pkg:deb/debian/nginx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

url pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/nginx@1.18.0-6.1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-d1c6-dt2p-9kaa

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-hemy-pnpj-sfg3

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.18.0-6.1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/nginx@1.22.1-9%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.22.1-9%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/nginx@1.26.3-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2cu7-pyw5-t3dm

vulnerability	VCID-3czf-dtzg-8kdm

vulnerability	VCID-fmvd-vyt7-mkfk

vulnerability	VCID-kpjx-rrjs-subs

vulnerability	VCID-sxf9-qr1j-u3et

vulnerability	VCID-z3xb-4krg-rbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.26.3-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
purl	pkg:deb/debian/nginx@1.28.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@1.28.3-2%3Fdistro=trixie

aliases CVE-2024-39792

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w6nj-1hnj-kbf6

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nginx@0%3Fdistro=trixie

Package Instance