Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-y2ux-nm69-uuam
Summary
The Apache Tomcat Connector (mod_jk) contains a buffer overflow
    vulnerability that could result in the remote execution of arbitrary code.
Aliases
0
alias CVE-2007-0774
Fixed_packages
0
url pkg:deb/debian/libapache-mod-jk@1:1.2.21-1?distro=trixie
purl pkg:deb/debian/libapache-mod-jk@1:1.2.21-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.21-1%3Fdistro=trixie
1
url pkg:deb/debian/libapache-mod-jk@1:1.2.26-2%2Blenny1
purl pkg:deb/debian/libapache-mod-jk@1:1.2.26-2%2Blenny1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2t-jyg7-gbev
1
vulnerability VCID-43bm-gb6c-9ugb
2
vulnerability VCID-hkjk-hbt1-q7cd
3
vulnerability VCID-k4yh-s3ds-m7er
4
vulnerability VCID-neum-zker-wbe2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.26-2%252Blenny1
2
url pkg:deb/debian/libapache-mod-jk@1:1.2.48-1%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/libapache-mod-jk@1:1.2.48-1%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.48-1%252Bdeb11u1%3Fdistro=trixie
3
url pkg:deb/debian/libapache-mod-jk@1:1.2.48-2%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/libapache-mod-jk@1:1.2.48-2%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.48-2%252Bdeb12u2%3Fdistro=trixie
4
url pkg:deb/debian/libapache-mod-jk@1:1.2.50-1?distro=trixie
purl pkg:deb/debian/libapache-mod-jk@1:1.2.50-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.50-1%3Fdistro=trixie
5
url pkg:ebuild/www-apache/mod_jk@1.2.21-r1
purl pkg:ebuild/www-apache/mod_jk@1.2.21-r1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-apache/mod_jk@1.2.21-r1
Affected_packages
0
url pkg:deb/debian/libapache-mod-jk@1:1.2.5-2sarge1
purl pkg:deb/debian/libapache-mod-jk@1:1.2.5-2sarge1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2t-jyg7-gbev
1
vulnerability VCID-43bm-gb6c-9ugb
2
vulnerability VCID-9p71-wr2h-4qdp
3
vulnerability VCID-hkjk-hbt1-q7cd
4
vulnerability VCID-k4yh-s3ds-m7er
5
vulnerability VCID-neum-zker-wbe2
6
vulnerability VCID-y2ux-nm69-uuam
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.5-2sarge1
1
url pkg:deb/debian/libapache-mod-jk@1:1.2.18-3
purl pkg:deb/debian/libapache-mod-jk@1:1.2.18-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2t-jyg7-gbev
1
vulnerability VCID-43bm-gb6c-9ugb
2
vulnerability VCID-9p71-wr2h-4qdp
3
vulnerability VCID-hkjk-hbt1-q7cd
4
vulnerability VCID-k4yh-s3ds-m7er
5
vulnerability VCID-neum-zker-wbe2
6
vulnerability VCID-y2ux-nm69-uuam
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.18-3
2
url pkg:deb/debian/libapache-mod-jk@1:1.2.18-3etch2
purl pkg:deb/debian/libapache-mod-jk@1:1.2.18-3etch2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2n2t-jyg7-gbev
1
vulnerability VCID-43bm-gb6c-9ugb
2
vulnerability VCID-9p71-wr2h-4qdp
3
vulnerability VCID-hkjk-hbt1-q7cd
4
vulnerability VCID-k4yh-s3ds-m7er
5
vulnerability VCID-neum-zker-wbe2
6
vulnerability VCID-y2ux-nm69-uuam
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libapache-mod-jk@1:1.2.18-3etch2
3
url pkg:rpm/redhat/mod_jk@1.2.20-1.el4s1?arch=2
purl pkg:rpm/redhat/mod_jk@1.2.20-1.el4s1?arch=2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-y2ux-nm69-uuam
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mod_jk@1.2.20-1.el4s1%3Farch=2
References
0
reference_url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
reference_id
reference_type
scores
url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0774.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0774.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-0774
reference_id
reference_type
scores
0
value 0.88357
scoring_system epss
scoring_elements 0.99498
published_at 2026-04-16T12:55:00Z
1
value 0.88357
scoring_system epss
scoring_elements 0.9949
published_at 2026-04-01T12:55:00Z
2
value 0.88357
scoring_system epss
scoring_elements 0.99489
published_at 2026-04-02T12:55:00Z
3
value 0.88357
scoring_system epss
scoring_elements 0.99491
published_at 2026-04-04T12:55:00Z
4
value 0.88357
scoring_system epss
scoring_elements 0.99493
published_at 2026-04-07T12:55:00Z
5
value 0.88357
scoring_system epss
scoring_elements 0.99494
published_at 2026-04-08T12:55:00Z
6
value 0.88357
scoring_system epss
scoring_elements 0.99495
published_at 2026-04-13T12:55:00Z
7
value 0.88357
scoring_system epss
scoring_elements 0.99496
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-0774
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0774
4
reference_url http://secunia.com/advisories/24398
reference_id
reference_type
scores
url http://secunia.com/advisories/24398
5
reference_url http://secunia.com/advisories/24558
reference_id
reference_type
scores
url http://secunia.com/advisories/24558
6
reference_url http://secunia.com/advisories/27037
reference_id
reference_type
scores
url http://secunia.com/advisories/27037
7
reference_url http://secunia.com/advisories/28711
reference_id
reference_type
scores
url http://secunia.com/advisories/28711
8
reference_url http://securitytracker.com/id?1017719
reference_id
reference_type
scores
url http://securitytracker.com/id?1017719
9
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/32794
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/32794
10
reference_url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/277d42b48b6e9aef50949c0dcc79ce21693091d73da246b3c1981925%40%3Cdev.tomcat.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/5b7a23e245c93235c503900da854a143596d901bf1a1f67e851a5de4%40%3Cdev.tomcat.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/8d2a579bbd977c225c70cb23b0ec54865fb0dab5da3eff1e060c9935%40%3Cdev.tomcat.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ba661b0edd913b39ff129a32d855620dd861883ade05fd88a8ce517d%40%3Cdev.tomcat.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r5c616dfc49156e4b06ffab842800c80f4425924d0f20c452c127a53c%40%3Cdev.tomcat.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf8e8c091182b45daa50d3557cad9b10bb4198e3f08cf8f1c66a1b08d%40%3Cdev.tomcat.apache.org%3E
16
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5513
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5513
17
reference_url http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html
reference_id
reference_type
scores
url http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html
18
reference_url http://tomcat.apache.org/security-jk.html
reference_id
reference_type
scores
url http://tomcat.apache.org/security-jk.html
19
reference_url http://www.cisco.com/en/US/products/products_security_advisory09186a008093f040.shtml
reference_id
reference_type
scores
url http://www.cisco.com/en/US/products/products_security_advisory09186a008093f040.shtml
20
reference_url http://www.gentoo.org/security/en/glsa/glsa-200703-16.xml
reference_id
reference_type
scores
url http://www.gentoo.org/security/en/glsa/glsa-200703-16.xml
21
reference_url http://www.redhat.com/support/errata/RHSA-2007-0096.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2007-0096.html
22
reference_url http://www.securityfocus.com/archive/1/461734/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/461734/100/0/threaded
23
reference_url http://www.securityfocus.com/bid/22791
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/22791
24
reference_url http://www.vupen.com/english/advisories/2007/0809
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/0809
25
reference_url http://www.vupen.com/english/advisories/2007/3386
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/3386
26
reference_url http://www.vupen.com/english/advisories/2008/0331
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/0331
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1618272
reference_id 1618272
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1618272
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat_jk_web_server_connector:1.2.19:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat_jk_web_server_connector:1.2.19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat_jk_web_server_connector:1.2.19:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat_jk_web_server_connector:1.2.20:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:tomcat_jk_web_server_connector:1.2.20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat_jk_web_server_connector:1.2.20:*:*:*:*:*:*:*
30
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/4162.c
reference_id CVE-2007-0774
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/4162.c
31
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-0774
reference_id CVE-2007-0774
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2007-0774
32
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16798.rb
reference_id CVE-2007-0774;OSVDB-33855
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16798.rb
33
reference_url http://www.zerodayinitiative.com/advisories/ZDI-07-008.html
reference_id CVE-2007-0774;OSVDB-33855
reference_type exploit
scores
url http://www.zerodayinitiative.com/advisories/ZDI-07-008.html
34
reference_url https://security.gentoo.org/glsa/200703-16
reference_id GLSA-200703-16
reference_type
scores
url https://security.gentoo.org/glsa/200703-16
35
reference_url https://access.redhat.com/errata/RHSA-2007:0096
reference_id RHSA-2007:0096
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0096
36
reference_url https://access.redhat.com/errata/RHSA-2007:0164
reference_id RHSA-2007:0164
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0164
Weaknesses
Exploits
0
date_added 2010-07-25
description Apache Tomcat mod_jk 1.2.20 - Remote Buffer Overflow (Metasploit)
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2010-07-25
exploit_type remote
platform windows
source_date_updated 2016-10-27
data_source Exploit-DB
source_url http://www.zerodayinitiative.com/advisories/ZDI-07-008.html
1
date_added null
description 
This is a stack buffer overflow exploit for mod_jk 1.2.20.
          Should work on any Win32 OS.
required_action null
due_date null
notes 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
known_ransomware_campaign_use false
source_date_published 2007-03-02
exploit_type null
platform Windows
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/http/apache_modjk_overflow.rb
Severity_range_score7.5 - 7.5
Exploitability2.0
Weighted_severity6.8
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-y2ux-nm69-uuam