Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-dnxd-x42g-2qcu

Summary

Multiple vulnerabilities have been found in lighttpd, allowing
    remote attackers cause a Denial of Service condition or execute arbitrary
    SQL statements.

Aliases

alias	CVE-2012-5533

Fixed_packages

url	pkg:deb/debian/lighttpd@1.4.31-2?distro=trixie
purl	pkg:deb/debian/lighttpd@1.4.31-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-2%3Fdistro=trixie

url pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4

purl pkg:deb/debian/lighttpd@1.4.31-4%2Bdeb7u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-392a-57u1-mqcx

vulnerability	VCID-3mv4-zscp-uke6

vulnerability	VCID-7t19-jqkx-83du

vulnerability	VCID-8sn2-9v3z-5qd8

vulnerability	VCID-dj2j-yr1r-myej

vulnerability	VCID-ebx8-yzbr-57ew

vulnerability	VCID-ewrp-7up7-9qf3

vulnerability	VCID-gt7s-kr68-5fer

vulnerability	VCID-ma83-g8ra-47bd

vulnerability	VCID-nabb-9r87-mbhw

vulnerability	VCID-r76c-k624-v7fe

vulnerability	VCID-rz5g-r2e9-9kgw

vulnerability	VCID-uk6q-31q8-qqf9

vulnerability	VCID-wfbv-rpt2-9bcs

vulnerability	VCID-xap5-djda-2uem

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.31-4%252Bdeb7u4

url	pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/lighttpd@1.4.69-1?distro=trixie
purl	pkg:deb/debian/lighttpd@1.4.69-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.69-1%3Fdistro=trixie

url	pkg:deb/debian/lighttpd@1.4.79-2?distro=trixie
purl	pkg:deb/debian/lighttpd@1.4.79-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.79-2%3Fdistro=trixie

url	pkg:deb/debian/lighttpd@1.4.82-2?distro=trixie
purl	pkg:deb/debian/lighttpd@1.4.82-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.82-2%3Fdistro=trixie

url	pkg:ebuild/www-servers/lighttpd@1.4.35
purl	pkg:ebuild/www-servers/lighttpd@1.4.35
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/lighttpd@1.4.35

Affected_packages

url pkg:deb/debian/lighttpd@1.4.13-4

purl pkg:deb/debian/lighttpd@1.4.13-4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17xt-wfmb-6ba3

vulnerability	VCID-2ym1-hzpb-67bp

vulnerability	VCID-392a-57u1-mqcx

vulnerability	VCID-3mv4-zscp-uke6

vulnerability	VCID-4252-bxgf-pqgq

vulnerability	VCID-483h-5atk-dfgs

vulnerability	VCID-4mqa-bkha-kbaj

vulnerability	VCID-7t19-jqkx-83du

vulnerability	VCID-8sn2-9v3z-5qd8

vulnerability	VCID-a11f-ydyr-6bcd

vulnerability	VCID-bzf1-xw3k-qud7

vulnerability	VCID-d983-1g2v-h7e9

vulnerability	VCID-dj2j-yr1r-myej

vulnerability	VCID-dnxd-x42g-2qcu

vulnerability	VCID-e1yx-dxa6-1bba

vulnerability	VCID-ebx8-yzbr-57ew

vulnerability	VCID-eetd-2zwu-fud5

vulnerability	VCID-ewrp-7up7-9qf3

vulnerability	VCID-gt7s-kr68-5fer

vulnerability	VCID-h1bj-mx6t-6kav

vulnerability	VCID-hc9c-1c4k-wqh1

vulnerability	VCID-j8ey-bqzd-hqce

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-ma83-g8ra-47bd

vulnerability	VCID-mmey-1ydv-nfha

vulnerability	VCID-muqu-fzs6-jqbd

vulnerability	VCID-nabb-9r87-mbhw

vulnerability	VCID-ntx6-vp4b-nbdk

vulnerability	VCID-r76c-k624-v7fe

vulnerability	VCID-rjf6-heyy-5kce

vulnerability	VCID-rjpt-cjmu-43fu

vulnerability	VCID-rz5g-r2e9-9kgw

vulnerability	VCID-uk6q-31q8-qqf9

vulnerability	VCID-wfbv-rpt2-9bcs

vulnerability	VCID-xap5-djda-2uem

vulnerability	VCID-xejg-te5s-wfax

vulnerability	VCID-z3wv-cgxn-cyfs

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.13-4

url pkg:deb/debian/lighttpd@1.4.13-4etch12

purl pkg:deb/debian/lighttpd@1.4.13-4etch12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-17xt-wfmb-6ba3

vulnerability	VCID-2ym1-hzpb-67bp

vulnerability	VCID-392a-57u1-mqcx

vulnerability	VCID-3mv4-zscp-uke6

vulnerability	VCID-4252-bxgf-pqgq

vulnerability	VCID-483h-5atk-dfgs

vulnerability	VCID-4mqa-bkha-kbaj

vulnerability	VCID-7t19-jqkx-83du

vulnerability	VCID-8sn2-9v3z-5qd8

vulnerability	VCID-a11f-ydyr-6bcd

vulnerability	VCID-bzf1-xw3k-qud7

vulnerability	VCID-d983-1g2v-h7e9

vulnerability	VCID-dj2j-yr1r-myej

vulnerability	VCID-dnxd-x42g-2qcu

vulnerability	VCID-e1yx-dxa6-1bba

vulnerability	VCID-ebx8-yzbr-57ew

vulnerability	VCID-eetd-2zwu-fud5

vulnerability	VCID-ewrp-7up7-9qf3

vulnerability	VCID-gt7s-kr68-5fer

vulnerability	VCID-h1bj-mx6t-6kav

vulnerability	VCID-hc9c-1c4k-wqh1

vulnerability	VCID-j8ey-bqzd-hqce

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-ma83-g8ra-47bd

vulnerability	VCID-mmey-1ydv-nfha

vulnerability	VCID-muqu-fzs6-jqbd

vulnerability	VCID-nabb-9r87-mbhw

vulnerability	VCID-ntx6-vp4b-nbdk

vulnerability	VCID-r76c-k624-v7fe

vulnerability	VCID-rjf6-heyy-5kce

vulnerability	VCID-rjpt-cjmu-43fu

vulnerability	VCID-rz5g-r2e9-9kgw

vulnerability	VCID-uk6q-31q8-qqf9

vulnerability	VCID-wfbv-rpt2-9bcs

vulnerability	VCID-xap5-djda-2uem

vulnerability	VCID-xejg-te5s-wfax

vulnerability	VCID-z3wv-cgxn-cyfs

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.13-4etch12

url pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3

purl pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-392a-57u1-mqcx

vulnerability	VCID-3mv4-zscp-uke6

vulnerability	VCID-4252-bxgf-pqgq

vulnerability	VCID-4mqa-bkha-kbaj

vulnerability	VCID-7t19-jqkx-83du

vulnerability	VCID-8sn2-9v3z-5qd8

vulnerability	VCID-dj2j-yr1r-myej

vulnerability	VCID-dnxd-x42g-2qcu

vulnerability	VCID-e1yx-dxa6-1bba

vulnerability	VCID-ebx8-yzbr-57ew

vulnerability	VCID-eetd-2zwu-fud5

vulnerability	VCID-ewrp-7up7-9qf3

vulnerability	VCID-gt7s-kr68-5fer

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-ma83-g8ra-47bd

vulnerability	VCID-muqu-fzs6-jqbd

vulnerability	VCID-nabb-9r87-mbhw

vulnerability	VCID-r76c-k624-v7fe

vulnerability	VCID-rz5g-r2e9-9kgw

vulnerability	VCID-uk6q-31q8-qqf9

vulnerability	VCID-wfbv-rpt2-9bcs

vulnerability	VCID-xap5-djda-2uem

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3

url pkg:deb/debian/lighttpd@1.4.28-2%2Bsqueeze1.6

purl pkg:deb/debian/lighttpd@1.4.28-2%2Bsqueeze1.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-392a-57u1-mqcx

vulnerability	VCID-3mv4-zscp-uke6

vulnerability	VCID-4mqa-bkha-kbaj

vulnerability	VCID-7t19-jqkx-83du

vulnerability	VCID-8sn2-9v3z-5qd8

vulnerability	VCID-dj2j-yr1r-myej

vulnerability	VCID-dnxd-x42g-2qcu

vulnerability	VCID-e1yx-dxa6-1bba

vulnerability	VCID-ebx8-yzbr-57ew

vulnerability	VCID-eetd-2zwu-fud5

vulnerability	VCID-ewrp-7up7-9qf3

vulnerability	VCID-gt7s-kr68-5fer

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-ma83-g8ra-47bd

vulnerability	VCID-muqu-fzs6-jqbd

vulnerability	VCID-nabb-9r87-mbhw

vulnerability	VCID-r76c-k624-v7fe

vulnerability	VCID-rz5g-r2e9-9kgw

vulnerability	VCID-uk6q-31q8-qqf9

vulnerability	VCID-wfbv-rpt2-9bcs

vulnerability	VCID-xap5-djda-2uem

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.28-2%252Bsqueeze1.6

url pkg:deb/debian/lighttpd@1.4.28-2%2Bsqueeze1.7

purl pkg:deb/debian/lighttpd@1.4.28-2%2Bsqueeze1.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-392a-57u1-mqcx

vulnerability	VCID-3mv4-zscp-uke6

vulnerability	VCID-4mqa-bkha-kbaj

vulnerability	VCID-7t19-jqkx-83du

vulnerability	VCID-8sn2-9v3z-5qd8

vulnerability	VCID-dj2j-yr1r-myej

vulnerability	VCID-dnxd-x42g-2qcu

vulnerability	VCID-e1yx-dxa6-1bba

vulnerability	VCID-ebx8-yzbr-57ew

vulnerability	VCID-eetd-2zwu-fud5

vulnerability	VCID-ewrp-7up7-9qf3

vulnerability	VCID-gt7s-kr68-5fer

vulnerability	VCID-jau7-gfz8-dkfa

vulnerability	VCID-ma83-g8ra-47bd

vulnerability	VCID-muqu-fzs6-jqbd

vulnerability	VCID-nabb-9r87-mbhw

vulnerability	VCID-r76c-k624-v7fe

vulnerability	VCID-rz5g-r2e9-9kgw

vulnerability	VCID-uk6q-31q8-qqf9

vulnerability	VCID-wfbv-rpt2-9bcs

vulnerability	VCID-xap5-djda-2uem

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.28-2%252Bsqueeze1.7

References

reference_url	http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch
reference_id
reference_type
scores
url	http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch

reference_url	http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt
reference_id
reference_type
scores
url	http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt

reference_url	http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html

reference_url	http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html

reference_url	http://marc.info/?l=bugtraq&m=141576815022399&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=141576815022399&w=2

reference_url	http://osvdb.org/87623
reference_id
reference_type
scores
url	http://osvdb.org/87623

reference_url	http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html
reference_id
reference_type
scores
url	http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-5533

reference_id

reference_type

scores

value	0.37913
scoring_system	epss
scoring_elements	0.97209
published_at	2026-04-13T12:55:00Z

value	0.37913
scoring_system	epss
scoring_elements	0.97208
published_at	2026-04-11T12:55:00Z

value	0.39102
scoring_system	epss
scoring_elements	0.97264
published_at	2026-04-04T12:55:00Z

value	0.39102
scoring_system	epss
scoring_elements	0.97253
published_at	2026-04-01T12:55:00Z

value	0.39102
scoring_system	epss
scoring_elements	0.97272
published_at	2026-04-08T12:55:00Z

value	0.39102
scoring_system	epss
scoring_elements	0.97273
published_at	2026-04-09T12:55:00Z

value	0.39102
scoring_system	epss
scoring_elements	0.97265
published_at	2026-04-07T12:55:00Z

value	0.39102
scoring_system	epss
scoring_elements	0.97259
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-5533

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533

reference_url	http://secunia.com/advisories/51268
reference_id
reference_type
scores
url	http://secunia.com/advisories/51268

reference_url	http://secunia.com/advisories/51298
reference_id
reference_type
scores
url	http://secunia.com/advisories/51298

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/80213
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/80213

reference_url	https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345
reference_id
reference_type
scores
url	https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345

reference_url	http://www.exploit-db.com/exploits/22902
reference_id
reference_type
scores
url	http://www.exploit-db.com/exploits/22902

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:100
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:100

reference_url	http://www.openwall.com/lists/oss-security/2012/11/21/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/11/21/1

reference_url	http://www.securityfocus.com/bid/56619
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/56619

reference_url	http://www.securitytracker.com/id?1027802
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1027802

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.31:::::::*
reference_id	cpe:2.3:a:lighttpd:lighttpd:1.4.31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.32:::::::*
reference_id	cpe:2.3:a:lighttpd:lighttpd:1.4.32:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:1.4.32:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-5533

reference_id

CVE-2012-5533

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2012-5533

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22902.sh
reference_id	CVE-2012-5533;OSVDB-87623
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22902.sh

reference_url	https://security.gentoo.org/glsa/201406-10
reference_id	GLSA-201406-10
reference_type
scores
url	https://security.gentoo.org/glsa/201406-10

Weaknesses

cwe_id	399
name	Resource Management Errors
description	Weaknesses in this category are related to improper management of system resources.

Exploits

date_added	2012-11-22
description	lighttpd 1.4.31 - Denial of Service (PoC)
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`false`
source_date_published	2012-11-22
exploit_type	dos
platform	linux
source_date_updated	2012-11-22
data_source	Exploit-DB
source_url

Severity_range_score 5.0 - 5.0

Exploitability 2.0

Weighted_severity 4.5

Risk_score 9.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dnxd-x42g-2qcu

Vulnerability Instance