VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
cvssv3	6.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0190.json
epss	0.06786	https://api.first.org/data/v1/epss?cve=CVE-2019-0190
epss	0.06786	https://api.first.org/data/v1/epss?cve=CVE-2019-0190
epss	0.06786	https://api.first.org/data/v1/epss?cve=CVE-2019-0190
epss	0.23017	https://api.first.org/data/v1/epss?cve=CVE-2019-0190
epss	0.23017	https://api.first.org/data/v1/epss?cve=CVE-2019-0190
epss	0.23017	https://api.first.org/data/v1/epss?cve=CVE-2019-0190
epss	0.23017	https://api.first.org/data/v1/epss?cve=CVE-2019-0190
epss	0.23017	https://api.first.org/data/v1/epss?cve=CVE-2019-0190
epss	0.23017	https://api.first.org/data/v1/epss?cve=CVE-2019-0190
epss	0.23017	https://api.first.org/data/v1/epss?cve=CVE-2019-0190
epss	0.23017	https://api.first.org/data/v1/epss?cve=CVE-2019-0190
epss	0.23017	https://api.first.org/data/v1/epss?cve=CVE-2019-0190
apache_httpd	important	https://httpd.apache.org/security/json/CVE-2019-0190.json
cvssv2	5.0	https://nvd.nist.gov/vuln/detail/CVE-2019-0190
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2019-0190
archlinux	High	https://security.archlinux.org/AVG-857

System

Score

Found at

cvssv3

6.5

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0190.json

epss

0.06786

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

epss

0.06786

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

epss

0.06786

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

epss

0.23017

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

epss

0.23017

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

epss

0.23017

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

epss

0.23017

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

epss

0.23017

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

epss

0.23017

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

epss

0.23017

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

epss

0.23017

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

epss

0.23017

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

apache_httpd

important

https://httpd.apache.org/security/json/CVE-2019-0190.json

cvssv2

5.0

https://nvd.nist.gov/vuln/detail/CVE-2019-0190

cvssv3.1

7.5

https://nvd.nist.gov/vuln/detail/CVE-2019-0190

archlinux

High

https://security.archlinux.org/AVG-857

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0190.json
		https://api.first.org/data/v1/epss?cve=CVE-2019-0190
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190
		https://httpd.apache.org/security/vulnerabilities_24.html
		https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E
		https://security.gentoo.org/glsa/201903-21
		https://security.netapp.com/advisory/ntap-20190125-0001/
		https://www.oracle.com//security-alerts/cpujul2021.html
		https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
		https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
		http://www.securityfocus.com/bid/106743
1668488		https://bugzilla.redhat.com/show_bug.cgi?id=1668488
920220		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920220
ASA-201901-14		https://security.archlinux.org/ASA-201901-14
AVG-857		https://security.archlinux.org/AVG-857
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:::::::*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:::::::*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:::::::*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:::::::*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:::::::*
cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:::::::*
cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:::::::*
CVE-2019-0190		https://httpd.apache.org/security/json/CVE-2019-0190.json
CVE-2019-0190		https://nvd.nist.gov/vuln/detail/CVE-2019-0190

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0190.json

https://api.first.org/data/v1/epss?cve=CVE-2019-0190

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190

https://httpd.apache.org/security/vulnerabilities_24.html

https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E

https://security.gentoo.org/glsa/201903-21

https://security.netapp.com/advisory/ntap-20190125-0001/

https://www.oracle.com//security-alerts/cpujul2021.html

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

http://www.securityfocus.com/bid/106743

1668488

https://bugzilla.redhat.com/show_bug.cgi?id=1668488

920220

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920220

ASA-201901-14

https://security.archlinux.org/ASA-201901-14

AVG-857

https://security.archlinux.org/AVG-857

cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*

CVE-2019-0190

https://httpd.apache.org/security/json/CVE-2019-0190.json

CVE-2019-0190

https://nvd.nist.gov/vuln/detail/CVE-2019-0190

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:29:05.770339+00:00	Apache HTTPD Importer	Import	https://httpd.apache.org/security/json/CVE-2019-0190.json	37.0.0

2025-07-31T08:29:05.770339+00:00

Apache HTTPD Importer

Import

https://httpd.apache.org/security/json/CVE-2019-0190.json

37.0.0

Vulnerability ID	VCID-s52q-nkkg-9bca
Aliases	CVE-2019-0190
Summary	A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSSL version 1.1.1 or later, due to an interaction in changes to handling of renegotiation attempts.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Percentile	0.90979
EPSS Score	0.06786
Published At	Aug. 1, 2025, 12:55 p.m.