Search for vulnerabilities
Vulnerability details: VCID-31ng-guzx-8bag
Vulnerability ID VCID-31ng-guzx-8bag
Aliases CVE-2015-0228
Summary A stack recursion crash in the mod_lua module was found. A Lua script executing the r:wsupgrade() function could crash the process if a malicious client sent a carefully crafted PING request. This issue affected releases 2.4.7 through 2.4.12 inclusive.
Status Published
Exploitability 0.5
Weighted Severity 2.1
Risk 1.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.04742 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.04742 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.04742 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.10734 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.10734 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.10734 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.10734 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.10734 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.10734 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.10734 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.10734 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.10734 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.10734 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.10734 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.10734 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.10734 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.13905 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.13905 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.13905 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.13905 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.13905 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.13905 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
epss 0.13905 https://api.first.org/data/v1/epss?cve=CVE-2015-0228
apache_httpd low https://httpd.apache.org/security/json/CVE-2015-0228.json
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0228.json
https://api.first.org/data/v1/epss?cve=CVE-2015-0228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228
1202988 https://bugzilla.redhat.com/show_bug.cgi?id=1202988
CVE-2015-0228 https://httpd.apache.org/security/json/CVE-2015-0228.json
RHSA-2015:1666 https://access.redhat.com/errata/RHSA-2015:1666
USN-2523-1 https://usn.ubuntu.com/2523-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.89086
EPSS Score 0.04742
Published At Aug. 1, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:29:00.491979+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2015-0228.json 37.0.0