Search for vulnerabilities
Vulnerability details: VCID-95dj-xyyq-f3d1
Vulnerability ID VCID-95dj-xyyq-f3d1
Aliases CVE-2008-0456
Summary Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled.
Status Published
Exploitability 0.5
Weighted Severity 2.1
Risk 1.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.0661 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.0661 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.08706 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
epss 0.14344 https://api.first.org/data/v1/epss?cve=CVE-2008-0456
apache_httpd low https://httpd.apache.org/security/json/CVE-2008-0456.json
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0456.json
https://api.first.org/data/v1/epss?cve=CVE-2008-0456
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0456
879292 https://bugzilla.redhat.com/show_bug.cgi?id=879292
CVE-2008-0456 https://httpd.apache.org/security/json/CVE-2008-0456.json
RHSA-2013:0130 https://access.redhat.com/errata/RHSA-2013:0130
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.9086
EPSS Score 0.0661
Published At Aug. 2, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:28:48.578837+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2008-0456.json 37.0.0