Search for vulnerabilities
Vulnerability details: VCID-kbrm-xf3u-ybf7
Vulnerability ID VCID-kbrm-xf3u-ybf7
Aliases CVE-2009-1191
Summary An information disclosure flaw was found in mod_proxy_ajp in version 2.2.11 only. In certain situations, if a user sent a carefully crafted HTTP request, the server could return a response intended for another user.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.09351 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.14981 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.14981 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.14981 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.14981 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.14981 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.14981 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.14981 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
epss 0.14981 https://api.first.org/data/v1/epss?cve=CVE-2009-1191
apache_httpd important https://httpd.apache.org/security/json/CVE-2009-1191.json
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1191.json
https://api.first.org/data/v1/epss?cve=CVE-2009-1191
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1191
496801 https://bugzilla.redhat.com/show_bug.cgi?id=496801
CVE-2009-1191 https://httpd.apache.org/security/json/CVE-2009-1191.json
RHSA-2009:1058 https://access.redhat.com/errata/RHSA-2009:1058
USN-787-1 https://usn.ubuntu.com/787-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.92426
EPSS Score 0.09351
Published At Aug. 4, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:28:49.326407+00:00 Apache HTTPD Importer Import https://httpd.apache.org/security/json/CVE-2009-1191.json 37.0.0