Hugging Face's logo

Spaces:
Sa-m
/
ai-pentest-api
Running

App Files Community
ai-pentest-api / core /cve_cache.json
AI Pentest Deploy
Clean deploy: remove junk dirs, backend only
792e3b9
raw
history blame contribute delete
420 kB
{
 "CVE-2004-1559": {
 "cached_at": "2026-04-25T01:56:53.994594+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2004-1559",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2004-12-31T05:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptitle, popupurl, content, or post_title parameters to bookmarklet.php, (4) cat_ID parameter to categories.php, (5) s parameter to edit.php, or (6) s or mode parameter to edit-comments.php."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
 "baseScore": 4.3,
 "accessVector": "NETWORK",
 "accessComplexity": "MEDIUM",
 "authentication": "NONE",
 "confidentialityImpact": "NONE",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 8.6,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "FF1FE320-DF71-42EC-A0F0-300F7D6D4AB4"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://marc.info/?l=bugtraq&m=109641484723194&w=2",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://secunia.com/advisories/12683",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://securitytracker.com/id?1011440",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.securityfocus.com/bid/11268",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Patch"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17532",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=109641484723194&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://secunia.com/advisories/12683",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://securitytracker.com/id?1011440",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.securityfocus.com/bid/11268",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Patch"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17532",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptitle, popupurl, content, or post_title parameters to bookmarklet.php, (4) cat_ID parameter to categories.php, (5) s parameter to edit.php, or (6) s or mode parameter to edit-comments.php."
 }
 },
 "CVE-2004-1584": {
 "cached_at": "2026-04-25T01:56:55.232622+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2004-1584",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2004-12-31T05:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "NONE",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "FF1FE320-DF71-42EC-A0F0-300F7D6D4AB4"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://marc.info/?l=bugtraq&m=109716327724041&w=2",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://secunia.com/advisories/12773",
 "source": "cve@mitre.org",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://wordpress.org/development/2004/10/wp-121/",
 "source": "cve@mitre.org",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-12.xml",
 "source": "cve@mitre.org",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/11348",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Patch"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17649",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=109716327724041&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://secunia.com/advisories/12773",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://wordpress.org/development/2004/10/wp-121/",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-12.xml",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/11348",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Patch"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17649",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter."
 }
 },
 "CVE-2005-1102": {
 "cached_at": "2026-04-25T01:56:56.407668+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2005-1102",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2005-05-02T04:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 and earlier allow remote attackers to execute arbitrary commands via the (1) content or (2) title of the post."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
 "baseScore": 6.8,
 "accessVector": "NETWORK",
 "accessComplexity": "MEDIUM",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 8.6,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": true,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
 "versionEndIncluding": "1.5",
 "matchCriteriaId": "94082842-67EC-4709-A093-198B69DE582A"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://bugs.gentoo.org/show_bug.cgi?id=88926",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=111336102101571&w=2",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-200506-04.xml",
 "source": "cve@mitre.org",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://wordpress.org/support/topic.php?id=30721",
 "source": "cve@mitre.org",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://bugs.gentoo.org/show_bug.cgi?id=88926",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=111336102101571&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-200506-04.xml",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://wordpress.org/support/topic.php?id=30721",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 and earlier allow remote attackers to execute arbitrary commands via the (1) content or (2) title of the post."
 }
 },
 "CVE-2005-1687": {
 "cached_at": "2026-04-25T01:56:57.622589+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2005-1687",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2005-05-20T04:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the tb_id parameter."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
 "baseScore": 7.5,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": true,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "503E4894-3F39-471F-9A56-052718813BF9"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://bugs.gentoo.org/show_bug.cgi?id=88926",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=111661517716733&w=2",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-200506-04.xml",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://bugs.gentoo.org/show_bug.cgi?id=88926",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=111661517716733&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-200506-04.xml",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the tb_id parameter."
 }
 },
 "CVE-2005-1688": {
 "cached_at": "2026-04-25T01:56:58.764366+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2005-1688",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2005-05-20T04:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in an error message."
 }
 ],
 "metrics": {
 "cvssMetricV31": [
 {
 "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
 "type": "Secondary",
 "cvssData": {
 "version": "3.1",
 "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
 "baseScore": 5.3,
 "baseSeverity": "MEDIUM",
 "attackVector": "NETWORK",
 "attackComplexity": "LOW",
 "privilegesRequired": "NONE",
 "userInteraction": "NONE",
 "scope": "UNCHANGED",
 "confidentialityImpact": "LOW",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "exploitabilityScore": 3.9,
 "impactScore": 1.4
 }
 ],
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-425"
 }
 ]
 },
 {
 "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
 "type": "Secondary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-425"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*",
 "versionEndIncluding": "1.5",
 "matchCriteriaId": "94082842-67EC-4709-A093-198B69DE582A"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://marc.info/?l=bugtraq&m=111661517716733&w=2",
 "source": "cve@mitre.org",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=111661517716733&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 }
 ]
 },
 "cvss": 5.3,
 "severity": "MEDIUM",
 "description": "Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in an error message."
 }
 },
 "CVE-2005-1810": {
 "cached_at": "2026-04-25T01:57:00.033066+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2005-1810",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2005-06-01T04:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $cat_ID variable, as demonstrated using the cat parameter to index.php."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
 "baseScore": 7.5,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": true,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "38085E5A-7B41-4E43-8A22-5FD44970F3EA"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://bugs.gentoo.org/show_bug.cgi?id=94512",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=111817436619067&w=2",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://secunia.com/advisories/15517",
 "source": "cve@mitre.org",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-200506-04.xml",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://wordpress.org/development/2005/05/security-update/",
 "source": "cve@mitre.org",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.osvdb.org/16905",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.securityfocus.com/bid/13809",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://bugs.gentoo.org/show_bug.cgi?id=94512",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=111817436619067&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://secunia.com/advisories/15517",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-200506-04.xml",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://wordpress.org/development/2005/05/security-update/",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.osvdb.org/16905",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.securityfocus.com/bid/13809",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $cat_ID variable, as demonstrated using the cat parameter to index.php."
 }
 },
 "CVE-2005-1921": {
 "cached_at": "2026-03-25T11:57:45.045069+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2005-1921",
 "sourceIdentifier": "secalert@redhat.com",
 "published": "2005-07-05T04:00:00.000",
 "lastModified": "2025-04-03T01:03:51.193",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8) Ampache, and others, allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
 "baseScore": 7.5,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": true,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-94"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:php:xml_rpc:*:*:*:*:*:pear:*:*",
 "versionEndIncluding": "1.3.0",
 "matchCriteriaId": "DF9FF982-2BF4-49ED-82F8-C8F8327D2EF3"
 }
 ]
 }
 ]
 },
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:gggeek:phpxmlrpc:*:*:*:*:*:*:*:*",
 "versionEndIncluding": "1.1",
 "matchCriteriaId": "83956BC5-8694-4C4B-92C4-D3C960980F66"
 }
 ]
 }
 ]
 },
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
 "versionEndExcluding": "4.5.4",
 "matchCriteriaId": "00201099-3C07-44F0-880B-CE2AE77EE171"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "4.6.0",
 "versionEndExcluding": "4.6.2",
 "matchCriteriaId": "3C248ACE-86AF-40FF-8B8F-FE1879E54FF2"
 }
 ]
 }
 ]
 },
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:tiki:tikiwiki_cms\\/groupware:*:*:*:*:*:*:*:*",
 "versionEndExcluding": "1.8.5",
 "matchCriteriaId": "363E6E27-87B4-4271-B374-B176DE9E5D56"
 }
 ]
 }
 ]
 },
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://marc.info/?l=bugtraq&m=112008638320145&w=2",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=112015336720867&w=2",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=112605112027335&w=2",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://pear.php.net/package/XML_RPC/download/1.3.1",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch",
 "Product"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15810",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15852",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15855",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15861",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15872",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15883",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15884",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15895",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15903",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15904",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15916",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15917",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15922",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15944",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15947",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15957",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/16001",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/16339",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/16693",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/17440",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/17674",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/18003",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-200507-01.xml",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-200507-06.xml",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-200507-07.xml",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://securitytracker.com/id?1015336",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://sourceforge.net/project/showfiles.php?group_id=87163",
 "source": "secalert@redhat.com",
 "tags": [
 "Product"
 ]
 },
 {
 "url": "http://sourceforge.net/project/shownotes.php?release_id=338803",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.ampache.org/announce/3_3_1_2.php",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.debian.org/security/2005/dsa-745",
 "source": "secalert@redhat.com",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.debian.org/security/2005/dsa-746",
 "source": "secalert@redhat.com",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.debian.org/security/2005/dsa-747",
 "source": "secalert@redhat.com",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.debian.org/security/2005/dsa-789",
 "source": "secalert@redhat.com",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.drupal.org/security/drupal-sa-2005-003/advisory.txt",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.gulftech.org/?node=research&article_id=00087-07012005",
 "source": "secalert@redhat.com",
 "tags": [
 "Not Applicable",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.hardened-php.net/advisory-022005.php",
 "source": "secalert@redhat.com",
 "tags": [
 "Not Applicable"
 ]
 },
 {
 "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:109",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch",
 "Third Party Advisory",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.novell.com/linux/security/advisories/2005_41_php_pear.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.novell.com/linux/security/advisories/2005_49_php.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.redhat.com/support/errata/RHSA-2005-564.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.securityfocus.com/archive/1/419064/100/0/threaded",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/14088",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.vupen.com/english/advisories/2005/2827",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11294",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A350",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=112008638320145&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=112015336720867&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=112605112027335&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://pear.php.net/package/XML_RPC/download/1.3.1",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Product"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15810",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15852",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15855",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15861",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15872",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15883",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15884",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15895",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15903",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15904",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15916",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15917",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15922",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15944",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15947",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/15957",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/16001",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/16339",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/16693",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/17440",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/17674",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://secunia.com/advisories/18003",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-200507-01.xml",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-200507-06.xml",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-200507-07.xml",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://securitytracker.com/id?1015336",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://sourceforge.net/project/showfiles.php?group_id=87163",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Product"
 ]
 },
 {
 "url": "http://sourceforge.net/project/shownotes.php?release_id=338803",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.ampache.org/announce/3_3_1_2.php",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.debian.org/security/2005/dsa-745",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.debian.org/security/2005/dsa-746",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.debian.org/security/2005/dsa-747",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.debian.org/security/2005/dsa-789",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.drupal.org/security/drupal-sa-2005-003/advisory.txt",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.gulftech.org/?node=research&article_id=00087-07012005",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Not Applicable",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.hardened-php.net/advisory-022005.php",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Not Applicable"
 ]
 },
 {
 "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:109",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Third Party Advisory",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.novell.com/linux/security/advisories/2005_41_php_pear.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.novell.com/linux/security/advisories/2005_49_php.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.redhat.com/support/errata/RHSA-2005-564.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.securityfocus.com/archive/1/419064/100/0/threaded",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/14088",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.vupen.com/english/advisories/2005/2827",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11294",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A350",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8) Ampache, and others, allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement."
 }
 },
 "CVE-2005-2107": {
 "cached_at": "2026-04-25T01:57:01.312165+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2005-2107",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2005-07-05T04:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p or (2) comment parameter."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
 "baseScore": 4.3,
 "accessVector": "NETWORK",
 "accessComplexity": "MEDIUM",
 "authentication": "NONE",
 "confidentialityImpact": "NONE",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 8.6,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "D7D86BA1-3DC8-478C-B2FA-581F9AE1F93E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "6E7BEFBD-4326-44A5-A160-9406D94AB307"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "E85A88D7-07A1-4A8C-88B5-057AD9C675E8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "FF1FE320-DF71-42EC-A0F0-300F7D6D4AB4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "503E4894-3F39-471F-9A56-052718813BF9"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "38085E5A-7B41-4E43-8A22-5FD44970F3EA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "7F0BF1F6-A54A-48E8-A872-015FE10E5D03"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://marc.info/?l=bugtraq&m=112006967221438&w=2",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://secunia.com/advisories/15831",
 "source": "cve@mitre.org",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.gulftech.org/?node=research&article_id=00085-06282005",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=112006967221438&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://secunia.com/advisories/15831",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.gulftech.org/?node=research&article_id=00085-06282005",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p or (2) comment parameter."
 }
 },
 "CVE-2005-2108": {
 "cached_at": "2026-04-25T01:57:02.995392+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2005-2108",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2005-07-05T04:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
 "baseScore": 7.5,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": true,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "D7D86BA1-3DC8-478C-B2FA-581F9AE1F93E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "6E7BEFBD-4326-44A5-A160-9406D94AB307"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "E85A88D7-07A1-4A8C-88B5-057AD9C675E8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "FF1FE320-DF71-42EC-A0F0-300F7D6D4AB4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "503E4894-3F39-471F-9A56-052718813BF9"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "38085E5A-7B41-4E43-8A22-5FD44970F3EA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "7F0BF1F6-A54A-48E8-A872-015FE10E5D03"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://marc.info/?l=bugtraq&m=112006967221438&w=2",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://secunia.com/advisories/15831",
 "source": "cve@mitre.org",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.gulftech.org/?node=research&article_id=00085-06282005",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=112006967221438&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://secunia.com/advisories/15831",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.gulftech.org/?node=research&article_id=00085-06282005",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file."
 }
 },
 "CVE-2005-2109": {
 "cached_at": "2026-04-25T01:57:04.197637+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2005-2109",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2005-07-05T04:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "NONE",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "D7D86BA1-3DC8-478C-B2FA-581F9AE1F93E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "6E7BEFBD-4326-44A5-A160-9406D94AB307"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "E85A88D7-07A1-4A8C-88B5-057AD9C675E8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "FF1FE320-DF71-42EC-A0F0-300F7D6D4AB4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "503E4894-3F39-471F-9A56-052718813BF9"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "38085E5A-7B41-4E43-8A22-5FD44970F3EA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "7F0BF1F6-A54A-48E8-A872-015FE10E5D03"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://marc.info/?l=bugtraq&m=112006967221438&w=2",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://secunia.com/advisories/15831",
 "source": "cve@mitre.org",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.gulftech.org/?node=research&article_id=00085-06282005",
 "source": "cve@mitre.org",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=112006967221438&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://secunia.com/advisories/15831",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.gulftech.org/?node=research&article_id=00085-06282005",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Vendor Advisory"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use."
 }
 },
 "CVE-2009-2629": {
 "cached_at": "2026-04-25T01:57:06.780786+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2009-2629",
 "sourceIdentifier": "cret@cert.org",
 "published": "2009-09-15T22:30:00.233",
 "lastModified": "2026-04-23T00:35:47.467",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests."
 },
 {
 "lang": "es",
 "value": "Desbordamiento de b\u00fafer inferior en src/http/ngx_http_parse.c en nginx v0.1.0 a la v0.5.37, v0.6.x a la v0.6.39, v0.7.x a la v0.7.62, y v0.8.x anterior a v0.8.15, permite a atacantes ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de peticiones HTTP manipuladas."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
 "baseScore": 7.5,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-787"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "0.1.0",
 "versionEndExcluding": "0.5.38",
 "matchCriteriaId": "F0DE2A3E-F210-4B55-900A-13C309891E3E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "0.6.0",
 "versionEndExcluding": "0.6.39",
 "matchCriteriaId": "692B1E17-4FB8-484E-85D2-4E90641268F5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "0.7.0",
 "versionEndExcluding": "0.7.62",
 "matchCriteriaId": "587F3642-4CB9-4D61-A5C9-55D7D172D96D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "0.8.0",
 "versionEndExcluding": "0.8.15",
 "matchCriteriaId": "93F18982-44F0-4A93-9A6A-D857E1577A5B"
 }
 ]
 }
 ]
 },
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244"
 }
 ]
 }
 ]
 },
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*",
 "matchCriteriaId": "7000D33B-F3C7-43E8-8FC7-9B97AADC3E12"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*",
 "matchCriteriaId": "B3BB5EDB-520B-4DEF-B06E-65CA13152824"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*",
 "matchCriteriaId": "E44669D7-6C1E-4844-B78A-73E253A7CC17"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://nginx.net/CHANGES",
 "source": "cret@cert.org",
 "tags": [
 "Release Notes",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://nginx.net/CHANGES-0.5",
 "source": "cret@cert.org",
 "tags": [
 "Release Notes",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://nginx.net/CHANGES-0.6",
 "source": "cret@cert.org",
 "tags": [
 "Release Notes",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://nginx.net/CHANGES-0.7",
 "source": "cret@cert.org",
 "tags": [
 "Release Notes",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://sysoev.ru/nginx/patch.180065.txt",
 "source": "cret@cert.org",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.debian.org/security/2009/dsa-1884",
 "source": "cret@cert.org",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.kb.cert.org/vuls/id/180065",
 "source": "cret@cert.org",
 "tags": [
 "Third Party Advisory",
 "US Government Resource"
 ]
 },
 {
 "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html",
 "source": "cret@cert.org",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html",
 "source": "cret@cert.org",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html",
 "source": "cret@cert.org",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://nginx.net/CHANGES",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Release Notes",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://nginx.net/CHANGES-0.5",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Release Notes",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://nginx.net/CHANGES-0.6",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Release Notes",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://nginx.net/CHANGES-0.7",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Release Notes",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://sysoev.ru/nginx/patch.180065.txt",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://www.debian.org/security/2009/dsa-1884",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.kb.cert.org/vuls/id/180065",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "US Government Resource"
 ]
 },
 {
 "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests."
 }
 },
 "CVE-2009-3896": {
 "cached_at": "2026-04-25T01:57:08.125199+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2009-3896",
 "sourceIdentifier": "secalert@redhat.com",
 "published": "2009-11-24T17:30:00.377",
 "lastModified": "2026-04-23T00:35:47.467",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI."
 },
 {
 "lang": "es",
 "value": "src/http/ngx_http_parse.c en nginx (como Engine X) v0.1.0 hasta v0.4.14, v0.5.x anterior v0.5.38, v0.6.x anterior v0.6.39, v0.7.x anterior v0.7.62, y v0.8.x anterior 0.8.14 permite a atacantes remotos causar una denegaci\u00f3n de servicio (deferencia puntero nulo y ca\u00edda de proceso) a trav\u00e9s de una URI larga."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "NONE",
 "integrityImpact": "NONE",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-119"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "34E64473-58DC-4158-BB07-071A670CDC49"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "2CC9B36B-CC2F-442F-AEF6-F911AFEE966A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "44AE0F17-F320-40FA-AD43-E4C22FE3B455"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "3CF8D9C0-99DE-4EB9-8EE1-C4EBBDF8F060"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "E53B582A-8EE0-4FE0-8B86-6068E8F28F72"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "D6139614-6835-4295-9D1F-1686D28C2D18"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "DF8FD201-BCEF-409C-8442-B15727893F23"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "3130F07A-9524-4DF0-83F8-32E13341E0AC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "BC716174-E211-4497-8AD6-49AC6CB2776A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "5F06259F-0848-428E-A9C3-9A96C4018EBD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "1DABF871-39BB-4DAC-B4FA-EF2C96CF3D9A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "012FF2E6-D51D-4233-B961-F4E0EDC5A83F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "AA0B3776-F86D-40CB-8372-722B49F44672"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "8C434DCD-B225-4BB5-B3A1-50C4338967BF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.14:*:*:*:*:*:*:*",
 "matchCriteriaId": "20DA7234-6824-49D4-85D5-90C10950A884"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.15:*:*:*:*:*:*:*",
 "matchCriteriaId": "FE5D29F6-18F4-41DE-A4FC-1F4387622C40"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.16:*:*:*:*:*:*:*",
 "matchCriteriaId": "9A21A021-2231-4639-973F-B626869127C2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.17:*:*:*:*:*:*:*",
 "matchCriteriaId": "581C97AC-A2A2-4C00-821A-223FE795E1AF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.18:*:*:*:*:*:*:*",
 "matchCriteriaId": "EE3669C7-BDB1-4D3A-97A2-B32F8169E160"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.19:*:*:*:*:*:*:*",
 "matchCriteriaId": "B95F8086-EBA4-447C-8D5B-57AB1BDB7C86"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.20:*:*:*:*:*:*:*",
 "matchCriteriaId": "BD5AB833-DF18-4D5A-8C83-D8CDDE09DCF4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.21:*:*:*:*:*:*:*",
 "matchCriteriaId": "D73F74AD-C174-46E0-8F15-63E1D24522A4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.22:*:*:*:*:*:*:*",
 "matchCriteriaId": "04E8B6C4-7D39-464D-ACF0-4C8B0E1BA4F3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.23:*:*:*:*:*:*:*",
 "matchCriteriaId": "762CB3D2-FDBD-4C15-A6FB-9C571E54CB4F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.24:*:*:*:*:*:*:*",
 "matchCriteriaId": "A8187A09-E624-494E-9D0B-4915227CD0C2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.25:*:*:*:*:*:*:*",
 "matchCriteriaId": "CFFD2EC6-7600-4A14-901E-A09872FA34E8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.26:*:*:*:*:*:*:*",
 "matchCriteriaId": "71A4BEE0-0AE1-4F0B-BE6B-94DEAA4AC4ED"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.27:*:*:*:*:*:*:*",
 "matchCriteriaId": "C1AA69A1-E4A0-4541-9683-C7926876EC15"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.28:*:*:*:*:*:*:*",
 "matchCriteriaId": "A081CD0C-583C-4702-80A7-5EB83F1F2222"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.29:*:*:*:*:*:*:*",
 "matchCriteriaId": "BB538A03-5C14-416C-ABC8-3CF6F40AC74D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.30:*:*:*:*:*:*:*",
 "matchCriteriaId": "CF7CE79D-2141-4786-8F5A-75475A997A26"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.31:*:*:*:*:*:*:*",
 "matchCriteriaId": "BC95E17A-13E0-418D-BAB3-5DE38B64BCAA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.32:*:*:*:*:*:*:*",
 "matchCriteriaId": "B511DE8A-03C1-45CC-BFAD-5CBAD08051D4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.33:*:*:*:*:*:*:*",
 "matchCriteriaId": "A36CF460-5D9E-4F92-A5FB-67B2CF6F9C5F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.34:*:*:*:*:*:*:*",
 "matchCriteriaId": "369C67DE-3FC6-4789-96E4-A56DDF24674E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.35:*:*:*:*:*:*:*",
 "matchCriteriaId": "24FF9759-62E5-4E80-A8E8-B01FAAB75BA7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.36:*:*:*:*:*:*:*",
 "matchCriteriaId": "BB185CAF-795D-4945-B0D6-568936D0A102"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.37:*:*:*:*:*:*:*",
 "matchCriteriaId": "6EDF43E1-7334-44B1-9BDD-EE543AFA239C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.38:*:*:*:*:*:*:*",
 "matchCriteriaId": "B03BF1D6-A0BF-42DA-8319-C4CF551F909D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.39:*:*:*:*:*:*:*",
 "matchCriteriaId": "D5E34697-5F0B-4189-8E02-DF310DB2B11D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.40:*:*:*:*:*:*:*",
 "matchCriteriaId": "03071B0A-666F-46FC-B1EF-6498384D446C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.41:*:*:*:*:*:*:*",
 "matchCriteriaId": "D88341D2-BF1E-40BD-B3EB-EB5D7C80CBE3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.42:*:*:*:*:*:*:*",
 "matchCriteriaId": "11B039BA-92B2-48EC-A419-31C0C429C339"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.43:*:*:*:*:*:*:*",
 "matchCriteriaId": "AC1AF8B0-9A94-4EBF-B164-9EE4298D0FCD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.44:*:*:*:*:*:*:*",
 "matchCriteriaId": "58F7209C-A5A1-4F2D-91C4-A130F46ABC88"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.45:*:*:*:*:*:*:*",
 "matchCriteriaId": "F2604E43-1C77-42DD-B396-5A25B0A39850"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "26139CB0-8BAD-4BF2-8BAC-1B228B5F561F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "A0CA4F8E-D458-4DC8-97BA-9F7ADC85429D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "F062FD01-831F-46B4-9C7A-492B5F5A525B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "93021C52-5F88-450E-A0FA-1E7AD4BF4A6E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "F47DF42F-EBA9-4E75-933C-53A0CE9691C7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "72C527B7-EEDA-4013-BCEA-AEA5F5A889C7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "8868A8E3-4299-4796-8A96-EC402E3998F8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "93E7B28C-9D1A-49B5-8A54-9555B08471C2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "4F6D6360-9C6C-4CE5-82F2-8BE2AF41A4E6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "BF59F965-59C2-4759-A4FF-D828CF515812"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "62E97F69-C178-4F7F-8472-6147DF22E69E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "F0FCD01A-6B3E-4B29-AAB2-A3EFB3965B27"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "372E2B59-085D-4E64-9F77-BEDE0FAFE3F3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "FDCC283B-FF74-47F3-AAEC-3A99110290C2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "58286494-21A9-4AC7-B9A7-58D2B9860374"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "BF99C635-748F-49A8-940B-5AB48213D6F3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "C1AA5F7E-F36E-4FF4-B9BF-D307D7F8408D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "163AE467-E1C1-48D4-B2FA-9F28D99D8CD9"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "2055FAFE-54CA-4E45-8818-E27D77BD25D1"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "F3DD8251-9808-48F0-8ED2-04189BAC83E9"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "2B394B65-D904-4D26-BEF7-55CD151D0830"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.14:*:*:*:*:*:*:*",
 "matchCriteriaId": "F98696CC-3329-4A16-BEF0-ABB1171CA263"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.15:*:*:*:*:*:*:*",
 "matchCriteriaId": "B37C15B1-7752-45AA-89AE-C770AFA032B6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.16:*:*:*:*:*:*:*",
 "matchCriteriaId": "62AECD27-1854-4E6C-8CFB-47B7C71AC70A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.17:*:*:*:*:*:*:*",
 "matchCriteriaId": "3DB0F596-17BF-4324-9E2E-9A3D5AC3E533"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.18:*:*:*:*:*:*:*",
 "matchCriteriaId": "6DBE5715-7673-4620-81EA-972A5CA7DEE7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.19:*:*:*:*:*:*:*",
 "matchCriteriaId": "1589B6E4-6647-40F6-B34F-4064A068E3ED"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.20:*:*:*:*:*:*:*",
 "matchCriteriaId": "DE8DF630-0EEF-4D69-BAE0-F433D2682D50"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.21:*:*:*:*:*:*:*",
 "matchCriteriaId": "5E844090-43AA-4846-9850-15573DA320DE"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.22:*:*:*:*:*:*:*",
 "matchCriteriaId": "75E1BB11-1D9F-43E3-A215-BC8FFE3B2912"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.23:*:*:*:*:*:*:*",
 "matchCriteriaId": "0040B3E4-A2CC-45CF-B2E2-B03C56344CE5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.24:*:*:*:*:*:*:*",
 "matchCriteriaId": "D46650F1-CCBC-42BD-9D6E-D07A6EC7A58A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.25:*:*:*:*:*:*:*",
 "matchCriteriaId": "F33D99A0-5AC9-445B-8C68-204B1E2A1B42"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.26:*:*:*:*:*:*:*",
 "matchCriteriaId": "52D78B06-0826-44E4-AB0C-61C77BEB0598"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.27:*:*:*:*:*:*:*",
 "matchCriteriaId": "8F98F843-0D15-4455-900B-20719D285B56"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.28:*:*:*:*:*:*:*",
 "matchCriteriaId": "DBE32950-F476-446F-BFC4-EC5120D6CE61"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.29:*:*:*:*:*:*:*",
 "matchCriteriaId": "3E3E1C4A-2CFC-43A0-B246-5199B41A7C29"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.30:*:*:*:*:*:*:*",
 "matchCriteriaId": "B9C85B18-40E5-42F0-886C-19FABD5D397B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.31:*:*:*:*:*:*:*",
 "matchCriteriaId": "46C8CD08-073E-4611-B2D1-66C0BB5B00F6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.32:*:*:*:*:*:*:*",
 "matchCriteriaId": "C4EF6E8E-4E8D-4BAD-ACB0-FB38CD048A65"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.33:*:*:*:*:*:*:*",
 "matchCriteriaId": "B9BEE011-B625-4227-8A24-92A4BDAF6F32"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.34:*:*:*:*:*:*:*",
 "matchCriteriaId": "1F952AF9-7917-4FE6-AA61-79410453FBF7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.35:*:*:*:*:*:*:*",
 "matchCriteriaId": "D54B2662-A8E6-4754-BDE4-640FB9A8F979"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.36:*:*:*:*:*:*:*",
 "matchCriteriaId": "0964C0F0-BFB6-47F4-BC8B-ACC772FA82CC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.37:*:*:*:*:*:*:*",
 "matchCriteriaId": "DD44DA86-3AC7-490C-B690-44F1CAC94BD0"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.38:*:*:*:*:*:*:*",
 "matchCriteriaId": "A94073D1-E657-4E92-985A-00427E17A485"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.39:*:*:*:*:*:*:*",
 "matchCriteriaId": "89988EAE-D4E8-49D6-98E8-246A7D98D4BA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.40:*:*:*:*:*:*:*",
 "matchCriteriaId": "6496AFD5-3232-4BA8-8404-D5E286B6BCE4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.41:*:*:*:*:*:*:*",
 "matchCriteriaId": "E68A4F70-1335-427F-8916-90B5F25E786F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.42:*:*:*:*:*:*:*",
 "matchCriteriaId": "CBC479CA-500E-4A45-8435-D5E55DD4D281"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.43:*:*:*:*:*:*:*",
 "matchCriteriaId": "F15289EE-16F1-4B71-89BD-36A03607326B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.44:*:*:*:*:*:*:*",
 "matchCriteriaId": "67BAF1E6-913A-4856-80BF-4A39863E8DB2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.45:*:*:*:*:*:*:*",
 "matchCriteriaId": "81294D2E-D087-40EF-96B8-2D6C5D33F09C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.46:*:*:*:*:*:*:*",
 "matchCriteriaId": "1774A68D-33A8-4DBD-ADF1-143FBE7BBBB7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.47:*:*:*:*:*:*:*",
 "matchCriteriaId": "6B8BEBBC-44CD-4994-BCB4-AB90C1FE4315"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.48:*:*:*:*:*:*:*",
 "matchCriteriaId": "EBE5CC5C-8E80-483F-876E-6D4A6FE0E9A1"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.49:*:*:*:*:*:*:*",
 "matchCriteriaId": "AA4CB751-91CE-4FAD-A54B-FEA780AF094E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.50:*:*:*:*:*:*:*",
 "matchCriteriaId": "BED74A8F-C022-469F-8F6C-25C8C9D2696E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.51:*:*:*:*:*:*:*",
 "matchCriteriaId": "136D17BD-CC63-4427-A139-C9FA72D6D42B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.52:*:*:*:*:*:*:*",
 "matchCriteriaId": "94C19287-D201-40CA-B6E4-F89DE786F967"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.53:*:*:*:*:*:*:*",
 "matchCriteriaId": "6938773B-2874-48E1-866B-2E9286BFCB7B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.54:*:*:*:*:*:*:*",
 "matchCriteriaId": "704C5C74-2154-4DB8-AFE4-8A9FCA8B75C2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.55:*:*:*:*:*:*:*",
 "matchCriteriaId": "8DEEACA6-935B-432D-AE61-E7C6A0383EBD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.56:*:*:*:*:*:*:*",
 "matchCriteriaId": "166361C6-183D-487E-A423-7A24CE0397F5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.57:*:*:*:*:*:*:*",
 "matchCriteriaId": "48678CF2-0C88-440B-AA49-C705A72C75D3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.58:*:*:*:*:*:*:*",
 "matchCriteriaId": "7BB80FD7-FC22-4911-89D4-95A502FABE03"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.59:*:*:*:*:*:*:*",
 "matchCriteriaId": "DAFE1CA3-993C-4E9A-880A-AE2581390BF0"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.60:*:*:*:*:*:*:*",
 "matchCriteriaId": "B3359813-9345-4F3A-8F29-BDAB8A42A971"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.61:*:*:*:*:*:*:*",
 "matchCriteriaId": "FCDE4A4D-FB19-4BAC-B2C9-E07C5F5705C7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "565C6100-5502-49A6-8F17-53921FC243C8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "BB82464D-E387-4844-9021-FF7195F905B2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "69A6688A-DF98-4433-91CC-FE6FDEC3968A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "1DD81AF6-B55B-47A7-8F29-C135F33FA7D6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "0C0CA98A-C99A-4021-BF38-4FB5184D0E93"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "F962CE1E-218F-4FBE-A4ED-922988D3BA91"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "EEC5AB3B-32FA-4AD5-8E31-573D4DCABBF6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "6B8388B1-8C01-49DD-BF3C-3C3B0FEA1F56"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "C625397F-DF52-4ED9-90AE-7CBCE56AECE0"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "1582E4C7-83A0-45E5-B7E1-CDB22BDB17B5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "2EDF7DB8-C9C0-47E4-85AF-D195BFCE426E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "97532F9D-CED0-466A-9E65-276E68972897"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "373A5785-1113-425F-9E7F-DF58E0DFF3E1"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "F713F0D0-0E1B-45A3-90C3-AB9ED5666A65"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "AEC4C3A9-324E-4006-B0C9-966C144A02EC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "AFB7BA5F-AF0A-4282-AABA-F57C3BC425FA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "8B8800DB-A500-47FA-AD71-F3012D9E6C38"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "E7D68735-877D-4A5A-BCE4-9204C06A877C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "B994025A-5AA0-4ACB-B830-AD84578EE935"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "E612C3BE-89AB-47FC-9B65-11EC3FA53A20"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "B6137B44-F31E-49EF-8249-68C7B19DBF6E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "AADCADD7-2EEE-4397-B737-4FD071694C0C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "8C3EC4EA-722D-4767-B271-E5E94A61B2A9"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "C7BD35FB-0406-45A4-983F-23FCB9AD8EA6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "845EAF67-F86C-47FF-AD63-424FC5FE3344"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "99ED4116-D874-463C-8A62-56297CFF02D3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "72C6A905-8CF0-44F4-B67C-7D55D22BFD9F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "FB9A5DE1-9728-4E9B-AA3A-FFFDB90A4D17"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.14:*:*:*:*:*:*:*",
 "matchCriteriaId": "079D51E9-82F2-4ECF-8711-42A1E8BF3AFD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.15:*:*:*:*:*:*:*",
 "matchCriteriaId": "473D1711-E4A2-4979-AA10-B3439036D8C1"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.16:*:*:*:*:*:*:*",
 "matchCriteriaId": "E056E5DB-C16C-461F-885E-B516A3C3C880"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.17:*:*:*:*:*:*:*",
 "matchCriteriaId": "94ACFB0D-7EF1-4E83-8A75-EB843398F7AA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.18:*:*:*:*:*:*:*",
 "matchCriteriaId": "1D3DCD04-DD8B-4B8E-A9B2-0999C8D6F088"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.19:*:*:*:*:*:*:*",
 "matchCriteriaId": "BBFFF0B8-F20D-4197-A3F9-8CAAC784E4A5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.20:*:*:*:*:*:*:*",
 "matchCriteriaId": "365BC524-97F9-47AD-8ECD-0FF60B55BD12"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.21:*:*:*:*:*:*:*",
 "matchCriteriaId": "745F4FAC-AD36-469C-B54D-F695146F9FFE"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.22:*:*:*:*:*:*:*",
 "matchCriteriaId": "EB8B6F37-4CE1-4DEF-BDE9-EC9BA422F543"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.23:*:*:*:*:*:*:*",
 "matchCriteriaId": "E82535AE-E45A-45EE-8303-4F8EC461F4C8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.24:*:*:*:*:*:*:*",
 "matchCriteriaId": "9526A9D2-05DB-4DD2-BE87-0FEA6A9E52E5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.25:*:*:*:*:*:*:*",
 "matchCriteriaId": "C72B94DF-B4C1-40F7-A3FD-5EEE64119816"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.26:*:*:*:*:*:*:*",
 "matchCriteriaId": "C642F33D-3A9E-4576-B831-556AA4902ED8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.27:*:*:*:*:*:*:*",
 "matchCriteriaId": "0E69078D-579F-48AD-8BC7-2EEA06DCA02A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.28:*:*:*:*:*:*:*",
 "matchCriteriaId": "535E9578-88F5-430E-8DBA-0E324C1362BB"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.29:*:*:*:*:*:*:*",
 "matchCriteriaId": "B5022F10-D091-4D53-8476-53DBDC304B8D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.30:*:*:*:*:*:*:*",
 "matchCriteriaId": "7E1CE05D-A611-4854-8BC4-C58C2F4723FB"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.31:*:*:*:*:*:*:*",
 "matchCriteriaId": "0BD5BD39-95EF-4157-9CFC-A69FD782051F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.32:*:*:*:*:*:*:*",
 "matchCriteriaId": "16CF4D49-A36D-40BF-B198-CBA04A4BC55A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.33:*:*:*:*:*:*:*",
 "matchCriteriaId": "6E621C1A-2A94-477C-A22C-2512028F46AA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.34:*:*:*:*:*:*:*",
 "matchCriteriaId": "4A5F41CC-69EA-4C49-8E59-9D352F760E3E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.35:*:*:*:*:*:*:*",
 "matchCriteriaId": "D77FF714-F370-484C-BA9F-48C3897D95D5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.36:*:*:*:*:*:*:*",
 "matchCriteriaId": "0977CC72-8588-4148-BBB3-8B2811040467"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.37:*:*:*:*:*:*:*",
 "matchCriteriaId": "2058F887-2DE6-4837-B758-16D4D31AE625"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "0D4AEFBC-4141-4B17-8449-6796B27718A6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "4773F9A8-5E43-4DBB-8BC9-7A3FF07AA54D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "873B5C88-11A9-4F77-BBD1-F468067B83BD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "0E6E2758-B282-4AB6-861C-5909AC811ECF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "F21C4FD5-B9B4-4D88-A158-2BB1A92C5C2B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "8B0B12A7-8D8E-4D75-A3E6-CE92C0F124D7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "72914EBD-C4F4-4BCD-9613-583CB98562A9"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "93BD0D22-9EB6-40E0-AE14-EFC79C249454"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "782E7ED3-06BF-42C6-A2CF-29C4962C328C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "97D0B1F9-CE07-4A87-8512-BCAD25B7DA86"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "3DAC5268-E39F-4D92-ADAC-05FBBF60E929"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "45490E90-DD0F-4DC6-95C9-79420726B6BD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "2A9F1EC1-1610-43B9-8A72-2CC0DE6D5B82"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "265CB602-4C78-497C-8E5C-758AC764D1E7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.14:*:*:*:*:*:*:*",
 "matchCriteriaId": "97CD6E57-3B28-406E-97B7-00B516E209F1"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.15:*:*:*:*:*:*:*",
 "matchCriteriaId": "71B7EE8C-2C13-4F5C-8E78-57B48B872193"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.17:*:*:*:*:*:*:*",
 "matchCriteriaId": "A58D8933-5E4C-452F-95DF-B52DF9597A30"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.18:*:*:*:*:*:*:*",
 "matchCriteriaId": "E309D12E-2635-4DC7-B63E-AC8120402031"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.19:*:*:*:*:*:*:*",
 "matchCriteriaId": "CD498ABB-A75A-4C0A-A038-CE98C60A1E67"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.20:*:*:*:*:*:*:*",
 "matchCriteriaId": "B7FD994B-C52A-43E9-BDCF-C4DA80A56ED6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.21:*:*:*:*:*:*:*",
 "matchCriteriaId": "2D7132AC-0824-474B-A1EA-1E7A8FA5692A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.22:*:*:*:*:*:*:*",
 "matchCriteriaId": "5FE4DE37-F9CD-41AD-80D8-EA8FE4FDC4F1"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.23:*:*:*:*:*:*:*",
 "matchCriteriaId": "6FD802A9-6934-40A2-9EE5-E30A86BAF58B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.24:*:*:*:*:*:*:*",
 "matchCriteriaId": "38DAA70B-2E2F-4A99-AF7A-690C8A819F12"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.25:*:*:*:*:*:*:*",
 "matchCriteriaId": "1413E07A-A8AD-40E4-8E53-F031DF8D8C5B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.26:*:*:*:*:*:*:*",
 "matchCriteriaId": "6FECFF93-AAA7-4F75-A7F8-957505A399C6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.27:*:*:*:*:*:*:*",
 "matchCriteriaId": "A2C141D8-018B-4894-9D2A-3DDF13A27144"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.28:*:*:*:*:*:*:*",
 "matchCriteriaId": "EB96A11F-9BD6-4A5D-99B8-B9269D853AE4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.29:*:*:*:*:*:*:*",
 "matchCriteriaId": "938A7EF3-E292-4CC2-B6CF-3CCCC4E5C892"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.30:*:*:*:*:*:*:*",
 "matchCriteriaId": "1502DF53-1944-4352-87E6-1CDD333112BE"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.31:*:*:*:*:*:*:*",
 "matchCriteriaId": "7A6D10FB-7099-41CE-8D81-F133D2968D77"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.32:*:*:*:*:*:*:*",
 "matchCriteriaId": "55743854-1678-40C1-917D-FD4711DAFD97"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.33:*:*:*:*:*:*:*",
 "matchCriteriaId": "B05BE618-3054-42F0-932E-35D711D9E959"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.34:*:*:*:*:*:*:*",
 "matchCriteriaId": "4AD3717C-6049-4FF5-A3AC-53A262C93447"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.35:*:*:*:*:*:*:*",
 "matchCriteriaId": "1E6BE57C-901A-4B7D-84F3-AFC79118949D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.36:*:*:*:*:*:*:*",
 "matchCriteriaId": "4FD98F9B-9A77-44F2-8CBE-5EE53E2CB2D2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.37:*:*:*:*:*:*:*",
 "matchCriteriaId": "D8FE0346-1D52-4AAF-8593-859FC85AC520"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.38:*:*:*:*:*:*:*",
 "matchCriteriaId": "00E4C8C0-02C4-45A3-BFB4-3795318D7EFA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "CF8BE564-9784-46A4-9712-6BE812B757E4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "09EB5ECD-D851-4FD1-838E-01CD779C4707"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "872B3995-3D72-4BBE-B8C5-E2142390B394"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "AA55740C-C77E-4B75-B7A2-8950E0673DED"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "D2B423AB-4283-47F6-BA44-FD76E4FA2558"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "F5C51C9E-C83C-4E86-B91B-A6001CDC3D78"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "D80F4C49-8CD5-4EB9-9346-12EE143004F7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "94DE340D-782B-42B2-8EDF-DD8584C52703"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "F137967D-9A3A-44B8-8E41-56D42AC9FBFA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "9E47C74C-697B-48C1-A20E-E30B1EB115AA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "6D2B8B0F-C5E9-4DDE-A303-24E63B5C486A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "A9FE0645-873B-48E1-8D67-B6E9CE41EE76"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "A2136748-7ADD-48FE-85C7-C7FDF3DFC7B3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "F1E4738D-5A55-4142-BF7D-C5FBE6AD92C5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.14:*:*:*:*:*:*:*",
 "matchCriteriaId": "2F41A657-FB84-40A4-A812-4A940C19C563"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.15:*:*:*:*:*:*:*",
 "matchCriteriaId": "6128BCAB-B6C1-45EA-90EB-D341A0BBBCDF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.16:*:*:*:*:*:*:*",
 "matchCriteriaId": "40921150-A75E-44DB-947D-948BB6FD95FB"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.17:*:*:*:*:*:*:*",
 "matchCriteriaId": "3B5A48B6-3F34-4C36-AB4F-389F8C6F99A2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.18:*:*:*:*:*:*:*",
 "matchCriteriaId": "41C8D846-A1E8-4CF9-9D51-37A80BA1DDBB"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.19:*:*:*:*:*:*:*",
 "matchCriteriaId": "4A755328-5783-4F2C-A831-4AF52A263984"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.20:*:*:*:*:*:*:*",
 "matchCriteriaId": "6027BA55-6D4E-44AD-B1E2-9BC7E219DD00"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.21:*:*:*:*:*:*:*",
 "matchCriteriaId": "DE76724B-F1B6-4DF6-97A6-9A5C9A7539BD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.22:*:*:*:*:*:*:*",
 "matchCriteriaId": "7E2D3916-7C5A-4253-B7DB-CA4A17658439"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.23:*:*:*:*:*:*:*",
 "matchCriteriaId": "00D9F246-2B22-453B-9078-5A9E44C000C6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.24:*:*:*:*:*:*:*",
 "matchCriteriaId": "1E558BFF-F580-4D06-92C3-C0799890A6BF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.25:*:*:*:*:*:*:*",
 "matchCriteriaId": "8771DE53-EEB6-4846-82C0-E97A23F9FC7C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.26:*:*:*:*:*:*:*",
 "matchCriteriaId": "6496DB0E-3A64-4006-A07F-4031117900CD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.27:*:*:*:*:*:*:*",
 "matchCriteriaId": "7241B5EB-341D-4788-82D5-AE88BC19B0D3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.28:*:*:*:*:*:*:*",
 "matchCriteriaId": "9432C71C-B324-4A8A-A2C7-6295DD06A979"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.29:*:*:*:*:*:*:*",
 "matchCriteriaId": "6D80AEDB-523A-4C07-B34D-969B43995A4C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.30:*:*:*:*:*:*:*",
 "matchCriteriaId": "96DB2832-B421-47CC-B5BF-3264722D1F58"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.31:*:*:*:*:*:*:*",
 "matchCriteriaId": "CD8292E6-E9E9-4A5C-ABB5-21B30B793BAE"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.32:*:*:*:*:*:*:*",
 "matchCriteriaId": "D74E1F34-F3B9-49B4-886C-3EACB4A39181"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.33:*:*:*:*:*:*:*",
 "matchCriteriaId": "0399B66B-4C3C-46A8-BB4A-228AE7825F83"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.34:*:*:*:*:*:*:*",
 "matchCriteriaId": "0B64AC40-DFFD-4892-8ECC-809C62D57B23"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.35:*:*:*:*:*:*:*",
 "matchCriteriaId": "409B886B-1C92-4A92-ABBE-258FD13D6EC6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.36:*:*:*:*:*:*:*",
 "matchCriteriaId": "B97D7354-FEA3-489D-93DB-29F3BDAFCFCF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.37:*:*:*:*:*:*:*",
 "matchCriteriaId": "AC1FE7B7-EE24-4C52-B6F7-7D8DC7436BD4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.38:*:*:*:*:*:*:*",
 "matchCriteriaId": "784FC15D-C0A9-4921-9FE0-13D68113979B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.39:*:*:*:*:*:*:*",
 "matchCriteriaId": "C2B49550-58F4-4E17-AA7F-C6E68381D6F3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.40:*:*:*:*:*:*:*",
 "matchCriteriaId": "199C31D9-564B-4DCE-90F8-DCC5185B157D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.41:*:*:*:*:*:*:*",
 "matchCriteriaId": "1A0D6DF2-7295-4048-9357-598DF38B1D07"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.42:*:*:*:*:*:*:*",
 "matchCriteriaId": "70D35BED-F2B4-47C7-8A5B-CB2A7FFBFFAC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.43:*:*:*:*:*:*:*",
 "matchCriteriaId": "34446D8A-05E3-4CBC-88AE-94D1ED9B42CF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.44:*:*:*:*:*:*:*",
 "matchCriteriaId": "37BEDAAF-8818-47A2-B6F7-D8D69000A1D6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.45:*:*:*:*:*:*:*",
 "matchCriteriaId": "5CC7F6E8-87FE-4502-BE4C-733BCFD6E7BC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.46:*:*:*:*:*:*:*",
 "matchCriteriaId": "48DDBA8F-1676-4D23-BF0C-8858A95FF43B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.47:*:*:*:*:*:*:*",
 "matchCriteriaId": "AA06F94F-B5E2-44B1-A313-256118FC0F1A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.48:*:*:*:*:*:*:*",
 "matchCriteriaId": "E3991D34-1D58-421A-87A8-DBBC225E64DE"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.49:*:*:*:*:*:*:*",
 "matchCriteriaId": "574572C4-5359-48A4-BC48-8A740929601E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.50:*:*:*:*:*:*:*",
 "matchCriteriaId": "B250BCDB-01E9-47BE-BF2A-42253083DF84"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.51:*:*:*:*:*:*:*",
 "matchCriteriaId": "69B7BD47-4AE6-4A8B-8773-97D4E47AA8EF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.52:*:*:*:*:*:*:*",
 "matchCriteriaId": "14412552-C2D6-4E24-8A5A-258DCFA1FD19"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.53:*:*:*:*:*:*:*",
 "matchCriteriaId": "54C84DD5-73DB-40E3-A930-8467CE5391C4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.54:*:*:*:*:*:*:*",
 "matchCriteriaId": "86840620-5641-49F2-8803-197C1E1D42A5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.55:*:*:*:*:*:*:*",
 "matchCriteriaId": "CDB2D731-F2CA-43FF-A170-BD3BA89C4F88"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.56:*:*:*:*:*:*:*",
 "matchCriteriaId": "839AA5EB-FF21-44ED-A340-5B1BC444E649"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.57:*:*:*:*:*:*:*",
 "matchCriteriaId": "F7B48748-5B9C-4D77-BE1F-9C7A436ECA5F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.58:*:*:*:*:*:*:*",
 "matchCriteriaId": "D2D4C93E-8A58-4B8D-A2F9-79A1D3526FDA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.59:*:*:*:*:*:*:*",
 "matchCriteriaId": "0750BECB-3AB8-4A80-8D4D-F0CBA11F3E37"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.60:*:*:*:*:*:*:*",
 "matchCriteriaId": "E9231C67-A182-441C-9148-BB1CDE6AFF55"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.61:*:*:*:*:*:*:*",
 "matchCriteriaId": "3091F4CB-D14A-4BCA-8155-119AE7716360"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "20A0F5C4-7FCE-4666-9B14-D0B1D4CDF23F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "2192AF4D-7BEF-4A16-B8BE-86256006759D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "BFC06391-07A4-4CC5-BE4E-9AB47956D1C4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "9617C1F3-52F5-4830-9477-91E8853A1A15"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "3396AE2A-9FBB-4F3C-BFDD-FC4681CB5FBC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "FBFBACD8-8A7C-4460-8630-08A770DCF31E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "6C84F735-8DF6-4C1E-9C85-C5D23C636CEF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "7D4D2475-1FDD-4B6B-95E2-2CF47C3DD53E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "B3BCE063-8093-459B-9358-2DE44B49FF33"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "0ACB0DB5-98B1-4F0A-A668-6237A4EB2770"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "F25FDA11-9398-4595-814E-1A5470BD76AC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "862B468F-EDA7-4CB8-81D7-BBCFC2E37E3E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "35EBD4F5-FB10-44D6-9E28-130ECDAF5673"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "4EA0D3EB-4F12-4BBC-BA04-C4A2169E243E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.14:*:*:*:*:*:*:*",
 "matchCriteriaId": "01BA8DC0-35CF-43CD-95E5-1A245CC7724C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:nginx:nginx:0.6.1516:*:*:*:*:*:*:*",
 "matchCriteriaId": "0CAB85AB-3C58-4AF3-B5C8-4E48A01252B6"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552035",
 "source": "secalert@redhat.com",
 "tags": [
 "Exploit"
 ]
 },
 {
 "url": "http://marc.info/?l=nginx&m=125692080328141&w=2",
 "source": "secalert@redhat.com"
 },
 {
 "url": "http://secunia.com/advisories/48577",
 "source": "secalert@redhat.com"
 },
 {
 "url": "http://security.debian.org/pool/updates/main/n/nginx/nginx_0.4.13-2+etch3.diff.gz",
 "source": "secalert@redhat.com"
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-201203-22.xml",
 "source": "secalert@redhat.com"
 },
 {
 "url": "http://sysoev.ru/nginx/patch.null.pointer.txt",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.debian.org/security/2009/dsa-1920",
 "source": "secalert@redhat.com"
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2009/11/20/1",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2009/11/20/6",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2009/11/23/10",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/36839",
 "source": "secalert@redhat.com",
 "tags": [
 "Exploit",
 "Patch"
 ]
 },
 {
 "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539565",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html",
 "source": "secalert@redhat.com"
 },
 {
 "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html",
 "source": "secalert@redhat.com"
 },
 {
 "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html",
 "source": "secalert@redhat.com"
 },
 {
 "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552035",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit"
 ]
 },
 {
 "url": "http://marc.info/?l=nginx&m=125692080328141&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://secunia.com/advisories/48577",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://security.debian.org/pool/updates/main/n/nginx/nginx_0.4.13-2+etch3.diff.gz",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-201203-22.xml",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://sysoev.ru/nginx/patch.null.pointer.txt",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.debian.org/security/2009/dsa-1920",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2009/11/20/1",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2009/11/20/6",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2009/11/23/10",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/36839",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Patch"
 ]
 },
 {
 "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539565",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00428.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00442.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00449.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI."
 }
 },
 "CVE-2009-3898": {
 "cached_at": "2026-04-25T01:57:09.274505+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2009-3898",
 "sourceIdentifier": "secalert@redhat.com",
 "published": "2009-11-24T17:30:00.437",
 "lastModified": "2026-04-23T00:35:47.467",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method."
 },
 {
 "lang": "es",
 "value": "Vulnerabilidad de salto de directorio en src/http/modules/ngx_http_dav_module.c en nginx (como Engine X) anterior v0.7.63, y v0.8.x anterior v0.8.17, permite a usuarios autentificados remotamente crear y sobrescribir archivos de su elecci\u00f3n a trav\u00e9s de .. (punto punto) en la cabecera HTTP Destination para el WebDAV (1) COPY o (2) m\u00e9etodo MOVE."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
 "baseScore": 4.9,
 "accessVector": "NETWORK",
 "accessComplexity": "MEDIUM",
 "authentication": "SINGLE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 6.8,
 "impactScore": 4.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-22"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionEndIncluding": "0.7.62",
 "matchCriteriaId": "FD62197E-3FD8-4DFE-87A5-26158E39F6E3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "34E64473-58DC-4158-BB07-071A670CDC49"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "2CC9B36B-CC2F-442F-AEF6-F911AFEE966A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "44AE0F17-F320-40FA-AD43-E4C22FE3B455"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "3CF8D9C0-99DE-4EB9-8EE1-C4EBBDF8F060"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "E53B582A-8EE0-4FE0-8B86-6068E8F28F72"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "D6139614-6835-4295-9D1F-1686D28C2D18"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "DF8FD201-BCEF-409C-8442-B15727893F23"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "3130F07A-9524-4DF0-83F8-32E13341E0AC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "BC716174-E211-4497-8AD6-49AC6CB2776A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "5F06259F-0848-428E-A9C3-9A96C4018EBD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "1DABF871-39BB-4DAC-B4FA-EF2C96CF3D9A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "012FF2E6-D51D-4233-B961-F4E0EDC5A83F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "AA0B3776-F86D-40CB-8372-722B49F44672"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "8C434DCD-B225-4BB5-B3A1-50C4338967BF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.14:*:*:*:*:*:*:*",
 "matchCriteriaId": "20DA7234-6824-49D4-85D5-90C10950A884"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.15:*:*:*:*:*:*:*",
 "matchCriteriaId": "FE5D29F6-18F4-41DE-A4FC-1F4387622C40"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.16:*:*:*:*:*:*:*",
 "matchCriteriaId": "9A21A021-2231-4639-973F-B626869127C2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.17:*:*:*:*:*:*:*",
 "matchCriteriaId": "581C97AC-A2A2-4C00-821A-223FE795E1AF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.18:*:*:*:*:*:*:*",
 "matchCriteriaId": "EE3669C7-BDB1-4D3A-97A2-B32F8169E160"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.19:*:*:*:*:*:*:*",
 "matchCriteriaId": "B95F8086-EBA4-447C-8D5B-57AB1BDB7C86"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.20:*:*:*:*:*:*:*",
 "matchCriteriaId": "BD5AB833-DF18-4D5A-8C83-D8CDDE09DCF4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.21:*:*:*:*:*:*:*",
 "matchCriteriaId": "D73F74AD-C174-46E0-8F15-63E1D24522A4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.22:*:*:*:*:*:*:*",
 "matchCriteriaId": "04E8B6C4-7D39-464D-ACF0-4C8B0E1BA4F3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.23:*:*:*:*:*:*:*",
 "matchCriteriaId": "762CB3D2-FDBD-4C15-A6FB-9C571E54CB4F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.24:*:*:*:*:*:*:*",
 "matchCriteriaId": "A8187A09-E624-494E-9D0B-4915227CD0C2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.25:*:*:*:*:*:*:*",
 "matchCriteriaId": "CFFD2EC6-7600-4A14-901E-A09872FA34E8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.26:*:*:*:*:*:*:*",
 "matchCriteriaId": "71A4BEE0-0AE1-4F0B-BE6B-94DEAA4AC4ED"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.27:*:*:*:*:*:*:*",
 "matchCriteriaId": "C1AA69A1-E4A0-4541-9683-C7926876EC15"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.28:*:*:*:*:*:*:*",
 "matchCriteriaId": "A081CD0C-583C-4702-80A7-5EB83F1F2222"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.29:*:*:*:*:*:*:*",
 "matchCriteriaId": "BB538A03-5C14-416C-ABC8-3CF6F40AC74D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.30:*:*:*:*:*:*:*",
 "matchCriteriaId": "CF7CE79D-2141-4786-8F5A-75475A997A26"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.31:*:*:*:*:*:*:*",
 "matchCriteriaId": "BC95E17A-13E0-418D-BAB3-5DE38B64BCAA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.32:*:*:*:*:*:*:*",
 "matchCriteriaId": "B511DE8A-03C1-45CC-BFAD-5CBAD08051D4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.33:*:*:*:*:*:*:*",
 "matchCriteriaId": "A36CF460-5D9E-4F92-A5FB-67B2CF6F9C5F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.34:*:*:*:*:*:*:*",
 "matchCriteriaId": "369C67DE-3FC6-4789-96E4-A56DDF24674E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.35:*:*:*:*:*:*:*",
 "matchCriteriaId": "24FF9759-62E5-4E80-A8E8-B01FAAB75BA7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.36:*:*:*:*:*:*:*",
 "matchCriteriaId": "BB185CAF-795D-4945-B0D6-568936D0A102"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.37:*:*:*:*:*:*:*",
 "matchCriteriaId": "6EDF43E1-7334-44B1-9BDD-EE543AFA239C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.38:*:*:*:*:*:*:*",
 "matchCriteriaId": "B03BF1D6-A0BF-42DA-8319-C4CF551F909D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.39:*:*:*:*:*:*:*",
 "matchCriteriaId": "D5E34697-5F0B-4189-8E02-DF310DB2B11D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.40:*:*:*:*:*:*:*",
 "matchCriteriaId": "03071B0A-666F-46FC-B1EF-6498384D446C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.41:*:*:*:*:*:*:*",
 "matchCriteriaId": "D88341D2-BF1E-40BD-B3EB-EB5D7C80CBE3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.42:*:*:*:*:*:*:*",
 "matchCriteriaId": "11B039BA-92B2-48EC-A419-31C0C429C339"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.43:*:*:*:*:*:*:*",
 "matchCriteriaId": "AC1AF8B0-9A94-4EBF-B164-9EE4298D0FCD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.44:*:*:*:*:*:*:*",
 "matchCriteriaId": "58F7209C-A5A1-4F2D-91C4-A130F46ABC88"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.1.45:*:*:*:*:*:*:*",
 "matchCriteriaId": "F2604E43-1C77-42DD-B396-5A25B0A39850"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "26139CB0-8BAD-4BF2-8BAC-1B228B5F561F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "A0CA4F8E-D458-4DC8-97BA-9F7ADC85429D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "F062FD01-831F-46B4-9C7A-492B5F5A525B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "93021C52-5F88-450E-A0FA-1E7AD4BF4A6E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "F47DF42F-EBA9-4E75-933C-53A0CE9691C7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "72C527B7-EEDA-4013-BCEA-AEA5F5A889C7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.2.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "8868A8E3-4299-4796-8A96-EC402E3998F8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "93E7B28C-9D1A-49B5-8A54-9555B08471C2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "4F6D6360-9C6C-4CE5-82F2-8BE2AF41A4E6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "BF59F965-59C2-4759-A4FF-D828CF515812"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "62E97F69-C178-4F7F-8472-6147DF22E69E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "F0FCD01A-6B3E-4B29-AAB2-A3EFB3965B27"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "372E2B59-085D-4E64-9F77-BEDE0FAFE3F3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "FDCC283B-FF74-47F3-AAEC-3A99110290C2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "58286494-21A9-4AC7-B9A7-58D2B9860374"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "BF99C635-748F-49A8-940B-5AB48213D6F3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "C1AA5F7E-F36E-4FF4-B9BF-D307D7F8408D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "163AE467-E1C1-48D4-B2FA-9F28D99D8CD9"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "2055FAFE-54CA-4E45-8818-E27D77BD25D1"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "F3DD8251-9808-48F0-8ED2-04189BAC83E9"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "2B394B65-D904-4D26-BEF7-55CD151D0830"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.14:*:*:*:*:*:*:*",
 "matchCriteriaId": "F98696CC-3329-4A16-BEF0-ABB1171CA263"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.15:*:*:*:*:*:*:*",
 "matchCriteriaId": "B37C15B1-7752-45AA-89AE-C770AFA032B6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.16:*:*:*:*:*:*:*",
 "matchCriteriaId": "62AECD27-1854-4E6C-8CFB-47B7C71AC70A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.17:*:*:*:*:*:*:*",
 "matchCriteriaId": "3DB0F596-17BF-4324-9E2E-9A3D5AC3E533"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.18:*:*:*:*:*:*:*",
 "matchCriteriaId": "6DBE5715-7673-4620-81EA-972A5CA7DEE7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.19:*:*:*:*:*:*:*",
 "matchCriteriaId": "1589B6E4-6647-40F6-B34F-4064A068E3ED"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.20:*:*:*:*:*:*:*",
 "matchCriteriaId": "DE8DF630-0EEF-4D69-BAE0-F433D2682D50"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.21:*:*:*:*:*:*:*",
 "matchCriteriaId": "5E844090-43AA-4846-9850-15573DA320DE"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.22:*:*:*:*:*:*:*",
 "matchCriteriaId": "75E1BB11-1D9F-43E3-A215-BC8FFE3B2912"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.23:*:*:*:*:*:*:*",
 "matchCriteriaId": "0040B3E4-A2CC-45CF-B2E2-B03C56344CE5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.24:*:*:*:*:*:*:*",
 "matchCriteriaId": "D46650F1-CCBC-42BD-9D6E-D07A6EC7A58A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.25:*:*:*:*:*:*:*",
 "matchCriteriaId": "F33D99A0-5AC9-445B-8C68-204B1E2A1B42"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.26:*:*:*:*:*:*:*",
 "matchCriteriaId": "52D78B06-0826-44E4-AB0C-61C77BEB0598"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.27:*:*:*:*:*:*:*",
 "matchCriteriaId": "8F98F843-0D15-4455-900B-20719D285B56"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.28:*:*:*:*:*:*:*",
 "matchCriteriaId": "DBE32950-F476-446F-BFC4-EC5120D6CE61"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.29:*:*:*:*:*:*:*",
 "matchCriteriaId": "3E3E1C4A-2CFC-43A0-B246-5199B41A7C29"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.30:*:*:*:*:*:*:*",
 "matchCriteriaId": "B9C85B18-40E5-42F0-886C-19FABD5D397B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.31:*:*:*:*:*:*:*",
 "matchCriteriaId": "46C8CD08-073E-4611-B2D1-66C0BB5B00F6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.32:*:*:*:*:*:*:*",
 "matchCriteriaId": "C4EF6E8E-4E8D-4BAD-ACB0-FB38CD048A65"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.33:*:*:*:*:*:*:*",
 "matchCriteriaId": "B9BEE011-B625-4227-8A24-92A4BDAF6F32"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.34:*:*:*:*:*:*:*",
 "matchCriteriaId": "1F952AF9-7917-4FE6-AA61-79410453FBF7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.35:*:*:*:*:*:*:*",
 "matchCriteriaId": "D54B2662-A8E6-4754-BDE4-640FB9A8F979"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.36:*:*:*:*:*:*:*",
 "matchCriteriaId": "0964C0F0-BFB6-47F4-BC8B-ACC772FA82CC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.37:*:*:*:*:*:*:*",
 "matchCriteriaId": "DD44DA86-3AC7-490C-B690-44F1CAC94BD0"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.38:*:*:*:*:*:*:*",
 "matchCriteriaId": "A94073D1-E657-4E92-985A-00427E17A485"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.39:*:*:*:*:*:*:*",
 "matchCriteriaId": "89988EAE-D4E8-49D6-98E8-246A7D98D4BA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.40:*:*:*:*:*:*:*",
 "matchCriteriaId": "6496AFD5-3232-4BA8-8404-D5E286B6BCE4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.41:*:*:*:*:*:*:*",
 "matchCriteriaId": "E68A4F70-1335-427F-8916-90B5F25E786F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.42:*:*:*:*:*:*:*",
 "matchCriteriaId": "CBC479CA-500E-4A45-8435-D5E55DD4D281"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.43:*:*:*:*:*:*:*",
 "matchCriteriaId": "F15289EE-16F1-4B71-89BD-36A03607326B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.44:*:*:*:*:*:*:*",
 "matchCriteriaId": "67BAF1E6-913A-4856-80BF-4A39863E8DB2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.45:*:*:*:*:*:*:*",
 "matchCriteriaId": "81294D2E-D087-40EF-96B8-2D6C5D33F09C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.46:*:*:*:*:*:*:*",
 "matchCriteriaId": "1774A68D-33A8-4DBD-ADF1-143FBE7BBBB7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.47:*:*:*:*:*:*:*",
 "matchCriteriaId": "6B8BEBBC-44CD-4994-BCB4-AB90C1FE4315"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.48:*:*:*:*:*:*:*",
 "matchCriteriaId": "EBE5CC5C-8E80-483F-876E-6D4A6FE0E9A1"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.49:*:*:*:*:*:*:*",
 "matchCriteriaId": "AA4CB751-91CE-4FAD-A54B-FEA780AF094E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.50:*:*:*:*:*:*:*",
 "matchCriteriaId": "BED74A8F-C022-469F-8F6C-25C8C9D2696E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.51:*:*:*:*:*:*:*",
 "matchCriteriaId": "136D17BD-CC63-4427-A139-C9FA72D6D42B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.52:*:*:*:*:*:*:*",
 "matchCriteriaId": "94C19287-D201-40CA-B6E4-F89DE786F967"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.53:*:*:*:*:*:*:*",
 "matchCriteriaId": "6938773B-2874-48E1-866B-2E9286BFCB7B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.54:*:*:*:*:*:*:*",
 "matchCriteriaId": "704C5C74-2154-4DB8-AFE4-8A9FCA8B75C2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.55:*:*:*:*:*:*:*",
 "matchCriteriaId": "8DEEACA6-935B-432D-AE61-E7C6A0383EBD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.56:*:*:*:*:*:*:*",
 "matchCriteriaId": "166361C6-183D-487E-A423-7A24CE0397F5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.57:*:*:*:*:*:*:*",
 "matchCriteriaId": "48678CF2-0C88-440B-AA49-C705A72C75D3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.58:*:*:*:*:*:*:*",
 "matchCriteriaId": "7BB80FD7-FC22-4911-89D4-95A502FABE03"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.59:*:*:*:*:*:*:*",
 "matchCriteriaId": "DAFE1CA3-993C-4E9A-880A-AE2581390BF0"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.60:*:*:*:*:*:*:*",
 "matchCriteriaId": "B3359813-9345-4F3A-8F29-BDAB8A42A971"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.3.61:*:*:*:*:*:*:*",
 "matchCriteriaId": "FCDE4A4D-FB19-4BAC-B2C9-E07C5F5705C7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "565C6100-5502-49A6-8F17-53921FC243C8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "BB82464D-E387-4844-9021-FF7195F905B2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "69A6688A-DF98-4433-91CC-FE6FDEC3968A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "1DD81AF6-B55B-47A7-8F29-C135F33FA7D6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "0C0CA98A-C99A-4021-BF38-4FB5184D0E93"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "F962CE1E-218F-4FBE-A4ED-922988D3BA91"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "EEC5AB3B-32FA-4AD5-8E31-573D4DCABBF6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "6B8388B1-8C01-49DD-BF3C-3C3B0FEA1F56"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "C625397F-DF52-4ED9-90AE-7CBCE56AECE0"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "1582E4C7-83A0-45E5-B7E1-CDB22BDB17B5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "2EDF7DB8-C9C0-47E4-85AF-D195BFCE426E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "97532F9D-CED0-466A-9E65-276E68972897"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "373A5785-1113-425F-9E7F-DF58E0DFF3E1"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.4.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "F713F0D0-0E1B-45A3-90C3-AB9ED5666A65"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "AEC4C3A9-324E-4006-B0C9-966C144A02EC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "AFB7BA5F-AF0A-4282-AABA-F57C3BC425FA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "8B8800DB-A500-47FA-AD71-F3012D9E6C38"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "E7D68735-877D-4A5A-BCE4-9204C06A877C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "B994025A-5AA0-4ACB-B830-AD84578EE935"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "E612C3BE-89AB-47FC-9B65-11EC3FA53A20"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "B6137B44-F31E-49EF-8249-68C7B19DBF6E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "AADCADD7-2EEE-4397-B737-4FD071694C0C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "8C3EC4EA-722D-4767-B271-E5E94A61B2A9"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "C7BD35FB-0406-45A4-983F-23FCB9AD8EA6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "845EAF67-F86C-47FF-AD63-424FC5FE3344"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "99ED4116-D874-463C-8A62-56297CFF02D3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "72C6A905-8CF0-44F4-B67C-7D55D22BFD9F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "FB9A5DE1-9728-4E9B-AA3A-FFFDB90A4D17"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.14:*:*:*:*:*:*:*",
 "matchCriteriaId": "079D51E9-82F2-4ECF-8711-42A1E8BF3AFD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.15:*:*:*:*:*:*:*",
 "matchCriteriaId": "473D1711-E4A2-4979-AA10-B3439036D8C1"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.16:*:*:*:*:*:*:*",
 "matchCriteriaId": "E056E5DB-C16C-461F-885E-B516A3C3C880"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.17:*:*:*:*:*:*:*",
 "matchCriteriaId": "94ACFB0D-7EF1-4E83-8A75-EB843398F7AA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.18:*:*:*:*:*:*:*",
 "matchCriteriaId": "1D3DCD04-DD8B-4B8E-A9B2-0999C8D6F088"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.19:*:*:*:*:*:*:*",
 "matchCriteriaId": "BBFFF0B8-F20D-4197-A3F9-8CAAC784E4A5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.20:*:*:*:*:*:*:*",
 "matchCriteriaId": "365BC524-97F9-47AD-8ECD-0FF60B55BD12"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.21:*:*:*:*:*:*:*",
 "matchCriteriaId": "745F4FAC-AD36-469C-B54D-F695146F9FFE"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.22:*:*:*:*:*:*:*",
 "matchCriteriaId": "EB8B6F37-4CE1-4DEF-BDE9-EC9BA422F543"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.23:*:*:*:*:*:*:*",
 "matchCriteriaId": "E82535AE-E45A-45EE-8303-4F8EC461F4C8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.24:*:*:*:*:*:*:*",
 "matchCriteriaId": "9526A9D2-05DB-4DD2-BE87-0FEA6A9E52E5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.25:*:*:*:*:*:*:*",
 "matchCriteriaId": "C72B94DF-B4C1-40F7-A3FD-5EEE64119816"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.26:*:*:*:*:*:*:*",
 "matchCriteriaId": "C642F33D-3A9E-4576-B831-556AA4902ED8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.27:*:*:*:*:*:*:*",
 "matchCriteriaId": "0E69078D-579F-48AD-8BC7-2EEA06DCA02A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.28:*:*:*:*:*:*:*",
 "matchCriteriaId": "535E9578-88F5-430E-8DBA-0E324C1362BB"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.29:*:*:*:*:*:*:*",
 "matchCriteriaId": "B5022F10-D091-4D53-8476-53DBDC304B8D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.30:*:*:*:*:*:*:*",
 "matchCriteriaId": "7E1CE05D-A611-4854-8BC4-C58C2F4723FB"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.31:*:*:*:*:*:*:*",
 "matchCriteriaId": "0BD5BD39-95EF-4157-9CFC-A69FD782051F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.32:*:*:*:*:*:*:*",
 "matchCriteriaId": "16CF4D49-A36D-40BF-B198-CBA04A4BC55A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.33:*:*:*:*:*:*:*",
 "matchCriteriaId": "6E621C1A-2A94-477C-A22C-2512028F46AA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.34:*:*:*:*:*:*:*",
 "matchCriteriaId": "4A5F41CC-69EA-4C49-8E59-9D352F760E3E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.35:*:*:*:*:*:*:*",
 "matchCriteriaId": "D77FF714-F370-484C-BA9F-48C3897D95D5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.36:*:*:*:*:*:*:*",
 "matchCriteriaId": "0977CC72-8588-4148-BBB3-8B2811040467"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.5.37:*:*:*:*:*:*:*",
 "matchCriteriaId": "2058F887-2DE6-4837-B758-16D4D31AE625"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "0D4AEFBC-4141-4B17-8449-6796B27718A6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "4773F9A8-5E43-4DBB-8BC9-7A3FF07AA54D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "873B5C88-11A9-4F77-BBD1-F468067B83BD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "0E6E2758-B282-4AB6-861C-5909AC811ECF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "F21C4FD5-B9B4-4D88-A158-2BB1A92C5C2B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "8B0B12A7-8D8E-4D75-A3E6-CE92C0F124D7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "72914EBD-C4F4-4BCD-9613-583CB98562A9"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "93BD0D22-9EB6-40E0-AE14-EFC79C249454"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "782E7ED3-06BF-42C6-A2CF-29C4962C328C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "97D0B1F9-CE07-4A87-8512-BCAD25B7DA86"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "3DAC5268-E39F-4D92-ADAC-05FBBF60E929"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "45490E90-DD0F-4DC6-95C9-79420726B6BD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "2A9F1EC1-1610-43B9-8A72-2CC0DE6D5B82"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "265CB602-4C78-497C-8E5C-758AC764D1E7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.14:*:*:*:*:*:*:*",
 "matchCriteriaId": "97CD6E57-3B28-406E-97B7-00B516E209F1"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.15:*:*:*:*:*:*:*",
 "matchCriteriaId": "71B7EE8C-2C13-4F5C-8E78-57B48B872193"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.17:*:*:*:*:*:*:*",
 "matchCriteriaId": "A58D8933-5E4C-452F-95DF-B52DF9597A30"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.18:*:*:*:*:*:*:*",
 "matchCriteriaId": "E309D12E-2635-4DC7-B63E-AC8120402031"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.19:*:*:*:*:*:*:*",
 "matchCriteriaId": "CD498ABB-A75A-4C0A-A038-CE98C60A1E67"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.20:*:*:*:*:*:*:*",
 "matchCriteriaId": "B7FD994B-C52A-43E9-BDCF-C4DA80A56ED6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.21:*:*:*:*:*:*:*",
 "matchCriteriaId": "2D7132AC-0824-474B-A1EA-1E7A8FA5692A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.22:*:*:*:*:*:*:*",
 "matchCriteriaId": "5FE4DE37-F9CD-41AD-80D8-EA8FE4FDC4F1"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.23:*:*:*:*:*:*:*",
 "matchCriteriaId": "6FD802A9-6934-40A2-9EE5-E30A86BAF58B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.24:*:*:*:*:*:*:*",
 "matchCriteriaId": "38DAA70B-2E2F-4A99-AF7A-690C8A819F12"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.25:*:*:*:*:*:*:*",
 "matchCriteriaId": "1413E07A-A8AD-40E4-8E53-F031DF8D8C5B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.26:*:*:*:*:*:*:*",
 "matchCriteriaId": "6FECFF93-AAA7-4F75-A7F8-957505A399C6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.27:*:*:*:*:*:*:*",
 "matchCriteriaId": "A2C141D8-018B-4894-9D2A-3DDF13A27144"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.28:*:*:*:*:*:*:*",
 "matchCriteriaId": "EB96A11F-9BD6-4A5D-99B8-B9269D853AE4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.29:*:*:*:*:*:*:*",
 "matchCriteriaId": "938A7EF3-E292-4CC2-B6CF-3CCCC4E5C892"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.30:*:*:*:*:*:*:*",
 "matchCriteriaId": "1502DF53-1944-4352-87E6-1CDD333112BE"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.31:*:*:*:*:*:*:*",
 "matchCriteriaId": "7A6D10FB-7099-41CE-8D81-F133D2968D77"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.32:*:*:*:*:*:*:*",
 "matchCriteriaId": "55743854-1678-40C1-917D-FD4711DAFD97"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.33:*:*:*:*:*:*:*",
 "matchCriteriaId": "B05BE618-3054-42F0-932E-35D711D9E959"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.34:*:*:*:*:*:*:*",
 "matchCriteriaId": "4AD3717C-6049-4FF5-A3AC-53A262C93447"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.35:*:*:*:*:*:*:*",
 "matchCriteriaId": "1E6BE57C-901A-4B7D-84F3-AFC79118949D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.36:*:*:*:*:*:*:*",
 "matchCriteriaId": "4FD98F9B-9A77-44F2-8CBE-5EE53E2CB2D2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.37:*:*:*:*:*:*:*",
 "matchCriteriaId": "D8FE0346-1D52-4AAF-8593-859FC85AC520"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.6.38:*:*:*:*:*:*:*",
 "matchCriteriaId": "00E4C8C0-02C4-45A3-BFB4-3795318D7EFA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "CF8BE564-9784-46A4-9712-6BE812B757E4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "09EB5ECD-D851-4FD1-838E-01CD779C4707"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "872B3995-3D72-4BBE-B8C5-E2142390B394"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "AA55740C-C77E-4B75-B7A2-8950E0673DED"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "D2B423AB-4283-47F6-BA44-FD76E4FA2558"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "F5C51C9E-C83C-4E86-B91B-A6001CDC3D78"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "D80F4C49-8CD5-4EB9-9346-12EE143004F7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "94DE340D-782B-42B2-8EDF-DD8584C52703"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "F137967D-9A3A-44B8-8E41-56D42AC9FBFA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "9E47C74C-697B-48C1-A20E-E30B1EB115AA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "6D2B8B0F-C5E9-4DDE-A303-24E63B5C486A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "A9FE0645-873B-48E1-8D67-B6E9CE41EE76"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "A2136748-7ADD-48FE-85C7-C7FDF3DFC7B3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "F1E4738D-5A55-4142-BF7D-C5FBE6AD92C5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.14:*:*:*:*:*:*:*",
 "matchCriteriaId": "2F41A657-FB84-40A4-A812-4A940C19C563"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.15:*:*:*:*:*:*:*",
 "matchCriteriaId": "6128BCAB-B6C1-45EA-90EB-D341A0BBBCDF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.16:*:*:*:*:*:*:*",
 "matchCriteriaId": "40921150-A75E-44DB-947D-948BB6FD95FB"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.17:*:*:*:*:*:*:*",
 "matchCriteriaId": "3B5A48B6-3F34-4C36-AB4F-389F8C6F99A2"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.18:*:*:*:*:*:*:*",
 "matchCriteriaId": "41C8D846-A1E8-4CF9-9D51-37A80BA1DDBB"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.19:*:*:*:*:*:*:*",
 "matchCriteriaId": "4A755328-5783-4F2C-A831-4AF52A263984"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.20:*:*:*:*:*:*:*",
 "matchCriteriaId": "6027BA55-6D4E-44AD-B1E2-9BC7E219DD00"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.21:*:*:*:*:*:*:*",
 "matchCriteriaId": "DE76724B-F1B6-4DF6-97A6-9A5C9A7539BD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.22:*:*:*:*:*:*:*",
 "matchCriteriaId": "7E2D3916-7C5A-4253-B7DB-CA4A17658439"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.23:*:*:*:*:*:*:*",
 "matchCriteriaId": "00D9F246-2B22-453B-9078-5A9E44C000C6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.24:*:*:*:*:*:*:*",
 "matchCriteriaId": "1E558BFF-F580-4D06-92C3-C0799890A6BF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.25:*:*:*:*:*:*:*",
 "matchCriteriaId": "8771DE53-EEB6-4846-82C0-E97A23F9FC7C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.26:*:*:*:*:*:*:*",
 "matchCriteriaId": "6496DB0E-3A64-4006-A07F-4031117900CD"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.27:*:*:*:*:*:*:*",
 "matchCriteriaId": "7241B5EB-341D-4788-82D5-AE88BC19B0D3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.28:*:*:*:*:*:*:*",
 "matchCriteriaId": "9432C71C-B324-4A8A-A2C7-6295DD06A979"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.29:*:*:*:*:*:*:*",
 "matchCriteriaId": "6D80AEDB-523A-4C07-B34D-969B43995A4C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.30:*:*:*:*:*:*:*",
 "matchCriteriaId": "96DB2832-B421-47CC-B5BF-3264722D1F58"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.31:*:*:*:*:*:*:*",
 "matchCriteriaId": "CD8292E6-E9E9-4A5C-ABB5-21B30B793BAE"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.32:*:*:*:*:*:*:*",
 "matchCriteriaId": "D74E1F34-F3B9-49B4-886C-3EACB4A39181"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.33:*:*:*:*:*:*:*",
 "matchCriteriaId": "0399B66B-4C3C-46A8-BB4A-228AE7825F83"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.34:*:*:*:*:*:*:*",
 "matchCriteriaId": "0B64AC40-DFFD-4892-8ECC-809C62D57B23"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.35:*:*:*:*:*:*:*",
 "matchCriteriaId": "409B886B-1C92-4A92-ABBE-258FD13D6EC6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.36:*:*:*:*:*:*:*",
 "matchCriteriaId": "B97D7354-FEA3-489D-93DB-29F3BDAFCFCF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.37:*:*:*:*:*:*:*",
 "matchCriteriaId": "AC1FE7B7-EE24-4C52-B6F7-7D8DC7436BD4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.38:*:*:*:*:*:*:*",
 "matchCriteriaId": "784FC15D-C0A9-4921-9FE0-13D68113979B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.39:*:*:*:*:*:*:*",
 "matchCriteriaId": "C2B49550-58F4-4E17-AA7F-C6E68381D6F3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.40:*:*:*:*:*:*:*",
 "matchCriteriaId": "199C31D9-564B-4DCE-90F8-DCC5185B157D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.41:*:*:*:*:*:*:*",
 "matchCriteriaId": "1A0D6DF2-7295-4048-9357-598DF38B1D07"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.42:*:*:*:*:*:*:*",
 "matchCriteriaId": "70D35BED-F2B4-47C7-8A5B-CB2A7FFBFFAC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.43:*:*:*:*:*:*:*",
 "matchCriteriaId": "34446D8A-05E3-4CBC-88AE-94D1ED9B42CF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.44:*:*:*:*:*:*:*",
 "matchCriteriaId": "37BEDAAF-8818-47A2-B6F7-D8D69000A1D6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.45:*:*:*:*:*:*:*",
 "matchCriteriaId": "5CC7F6E8-87FE-4502-BE4C-733BCFD6E7BC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.46:*:*:*:*:*:*:*",
 "matchCriteriaId": "48DDBA8F-1676-4D23-BF0C-8858A95FF43B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.47:*:*:*:*:*:*:*",
 "matchCriteriaId": "AA06F94F-B5E2-44B1-A313-256118FC0F1A"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.48:*:*:*:*:*:*:*",
 "matchCriteriaId": "E3991D34-1D58-421A-87A8-DBBC225E64DE"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.49:*:*:*:*:*:*:*",
 "matchCriteriaId": "574572C4-5359-48A4-BC48-8A740929601E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.50:*:*:*:*:*:*:*",
 "matchCriteriaId": "B250BCDB-01E9-47BE-BF2A-42253083DF84"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.51:*:*:*:*:*:*:*",
 "matchCriteriaId": "69B7BD47-4AE6-4A8B-8773-97D4E47AA8EF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.52:*:*:*:*:*:*:*",
 "matchCriteriaId": "14412552-C2D6-4E24-8A5A-258DCFA1FD19"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.53:*:*:*:*:*:*:*",
 "matchCriteriaId": "54C84DD5-73DB-40E3-A930-8467CE5391C4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.54:*:*:*:*:*:*:*",
 "matchCriteriaId": "86840620-5641-49F2-8803-197C1E1D42A5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.55:*:*:*:*:*:*:*",
 "matchCriteriaId": "CDB2D731-F2CA-43FF-A170-BD3BA89C4F88"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.56:*:*:*:*:*:*:*",
 "matchCriteriaId": "839AA5EB-FF21-44ED-A340-5B1BC444E649"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.57:*:*:*:*:*:*:*",
 "matchCriteriaId": "F7B48748-5B9C-4D77-BE1F-9C7A436ECA5F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.58:*:*:*:*:*:*:*",
 "matchCriteriaId": "D2D4C93E-8A58-4B8D-A2F9-79A1D3526FDA"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.59:*:*:*:*:*:*:*",
 "matchCriteriaId": "0750BECB-3AB8-4A80-8D4D-F0CBA11F3E37"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.60:*:*:*:*:*:*:*",
 "matchCriteriaId": "E9231C67-A182-441C-9148-BB1CDE6AFF55"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.61:*:*:*:*:*:*:*",
 "matchCriteriaId": "3091F4CB-D14A-4BCA-8155-119AE7716360"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "20A0F5C4-7FCE-4666-9B14-D0B1D4CDF23F"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "2192AF4D-7BEF-4A16-B8BE-86256006759D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "BFC06391-07A4-4CC5-BE4E-9AB47956D1C4"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "9617C1F3-52F5-4830-9477-91E8853A1A15"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "3396AE2A-9FBB-4F3C-BFDD-FC4681CB5FBC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "FBFBACD8-8A7C-4460-8630-08A770DCF31E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "6C84F735-8DF6-4C1E-9C85-C5D23C636CEF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.7:*:*:*:*:*:*:*",
 "matchCriteriaId": "7D4D2475-1FDD-4B6B-95E2-2CF47C3DD53E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.8:*:*:*:*:*:*:*",
 "matchCriteriaId": "B3BCE063-8093-459B-9358-2DE44B49FF33"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "0ACB0DB5-98B1-4F0A-A668-6237A4EB2770"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "F25FDA11-9398-4595-814E-1A5470BD76AC"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "862B468F-EDA7-4CB8-81D7-BBCFC2E37E3E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.12:*:*:*:*:*:*:*",
 "matchCriteriaId": "35EBD4F5-FB10-44D6-9E28-130ECDAF5673"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.13:*:*:*:*:*:*:*",
 "matchCriteriaId": "4EA0D3EB-4F12-4BBC-BA04-C4A2169E243E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.14:*:*:*:*:*:*:*",
 "matchCriteriaId": "01BA8DC0-35CF-43CD-95E5-1A245CC7724C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.8.15:*:*:*:*:*:*:*",
 "matchCriteriaId": "904F3781-AF6C-4BA3-8794-512CECAB8208"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:nginx:nginx:0.6.1516:*:*:*:*:*:*:*",
 "matchCriteriaId": "0CAB85AB-3C58-4AF3-B5C8-4E48A01252B6"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0379.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Exploit"
 ]
 },
 {
 "url": "http://marc.info/?l=oss-security&m=125897327321676&w=2",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://marc.info/?l=oss-security&m=125897425223039&w=2",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://marc.info/?l=oss-security&m=125900327409842&w=2",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://secunia.com/advisories/36818",
 "source": "secalert@redhat.com",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://secunia.com/advisories/48577",
 "source": "secalert@redhat.com"
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-201203-22.xml",
 "source": "secalert@redhat.com"
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2009/11/20/1",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2009/11/23/10",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0379.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit"
 ]
 },
 {
 "url": "http://marc.info/?l=oss-security&m=125897327321676&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://marc.info/?l=oss-security&m=125897425223039&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://marc.info/?l=oss-security&m=125900327409842&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://secunia.com/advisories/36818",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://secunia.com/advisories/48577",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-201203-22.xml",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2009/11/20/1",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2009/11/23/10",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method."
 }
 },
 "CVE-2009-4487": {
 "cached_at": "2026-04-25T01:57:10.350428+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2009-4487",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2010-01-13T20:30:00.357",
 "lastModified": "2026-04-23T00:35:47.467",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator."
 },
 {
 "lang": "es",
 "value": "nginx v0.7.64, escribe datos en un archivo de los sin depurar los caracteres no escribibles, lo que podr\u00eda permitir a atacantes remotos modificar la ventana de t\u00edtulo, o posiblemente ejecutar comandos de su elecci\u00f3n o sobrescribir archivos, a trav\u00e9s de una petici\u00f3n HTTP que contiene una secuencia de escape para el emulador de terminal."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
 "baseScore": 6.8,
 "accessVector": "NETWORK",
 "accessComplexity": "MEDIUM",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 8.6,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": true
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-noinfo"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:0.7.64:*:*:*:*:*:*:*",
 "matchCriteriaId": "16FDFF79-9B8D-4CA5-84F4-ED8999023B10"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://www.securityfocus.com/archive/1/508830/100/0/threaded",
 "source": "cve@mitre.org",
 "tags": [
 "Broken Link",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/37711",
 "source": "cve@mitre.org",
 "tags": [
 "Broken Link",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.ush.it/team/ush/hack_httpd_escape/adv.txt",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Patch",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/archive/1/508830/100/0/threaded",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/37711",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.ush.it/team/ush/hack_httpd_escape/adv.txt",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Patch",
 "Third Party Advisory"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator."
 }
 },
 "CVE-2010-2263": {
 "cached_at": "2026-04-25T01:57:11.423117+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2010-2263",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2010-06-15T14:04:24.313",
 "lastModified": "2025-04-11T00:51:21.963",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI."
 },
 {
 "lang": "es",
 "value": "nginx 0.8 en versiones anteriores a la 0.8.40 y 0.7 en versiones anteriores a la 0.7.66, al ser ejecutado en Windows, permite a atacantes remotos obtener c\u00f3digo fuente o contenido sin interpretar de ficheros de su elecci\u00f3n que est\u00e9n bajo la ra\u00edz de documentos web a\u00f1adiendo ::$DATA a la URI."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-200"
 }
 ]
 }
 ],
 "configurations": [
 {
 "operator": "AND",
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "0.7.52",
 "versionEndExcluding": "0.7.66",
 "matchCriteriaId": "1B338639-BD28-4073-8874-7D4013E23282"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "0.8.0",
 "versionEndIncluding": "0.8.39",
 "matchCriteriaId": "494A2664-A392-4F3F-B15A-B31FF474BBB5"
 }
 ]
 },
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": false,
 "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
 "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://spa-s3c.blogspot.com/2010/06/full-responsible-disclosurenginx-engine.html",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Release Notes",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.exploit-db.com/exploits/13818",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.exploit-db.com/exploits/13822",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/40760",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://spa-s3c.blogspot.com/2010/06/full-responsible-disclosurenginx-engine.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Release Notes",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.exploit-db.com/exploits/13818",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.exploit-db.com/exploits/13822",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/40760",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Third Party Advisory",
 "VDB Entry"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI."
 }
 },
 "CVE-2010-2266": {
 "cached_at": "2026-04-25T01:57:12.674604+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2010-2266",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2010-06-15T14:04:24.420",
 "lastModified": "2025-04-11T00:51:21.963",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the \"%c0.%c0.\" sequence."
 },
 {
 "lang": "es",
 "value": "nginx v0.8.36 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (mediante ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de ciertas secuencias codificadas de salto de directorio que provocan corrupci\u00f3n de memoria, como se demuestra usando la secuencia \"%c0.%c0.\" ."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "NONE",
 "integrityImpact": "NONE",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-22"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "0.7.52",
 "versionEndExcluding": "0.7.67",
 "matchCriteriaId": "134B3FD6-2125-4A8B-8107-FE8AE09F4249"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "0.8.0",
 "versionEndIncluding": "0.8.40",
 "matchCriteriaId": "535B4F85-4BDD-4231-A09E-1E4733920C8B"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://www.exploit-db.com/exploits/13818/",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.exploit-db.com/exploits/13818/",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Third Party Advisory",
 "VDB Entry"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the \"%c0.%c0.\" sequence."
 }
 },
 "CVE-2011-4315": {
 "cached_at": "2026-04-25T01:57:13.828366+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2011-4315",
 "sourceIdentifier": "secalert@redhat.com",
 "published": "2011-12-08T20:55:01.000",
 "lastModified": "2025-04-11T00:51:21.963",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response."
 },
 {
 "lang": "es",
 "value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en el procesamiento de compresi\u00f3n puntero en core/ngx_resolver.c en nginx antes de v1.0.10 permite a resolvers remotos causar una denegaci\u00f3n de servicio (ca\u00edda del demonio) o posiblemente tener un impacto no especificado a trav\u00e9s de una respuesta larga."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
 "baseScore": 6.8,
 "accessVector": "NETWORK",
 "accessComplexity": "MEDIUM",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 8.6,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-787"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "0.6.18",
 "versionEndExcluding": "1.0.10",
 "matchCriteriaId": "4F92F127-6CBE-43EE-9E40-3FA89656A225"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "1.1.0",
 "versionEndIncluding": "1.1.7",
 "matchCriteriaId": "67542E52-9201-4AC8-BB9E-0F93D7DC968C"
 }
 ]
 }
 ]
 },
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*",
 "matchCriteriaId": "706C6399-CAD1-46E3-87A2-8DFE2CF497ED"
 }
 ]
 }
 ]
 },
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:suse:studio:1.2:*:*:*:standard:*:*:*",
 "matchCriteriaId": "234A6341-7A0E-42BB-A653-11064B6F110C"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:suse:studio_onsite:1.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "E523A94D-9ECA-43C2-B96F-0D2C77D3F952"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:suse:webyast:1.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "C3DB92F3-F16A-4304-AA90-DB5325814F6C"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070569.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00005.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://openwall.com/lists/oss-security/2011/11/17/10",
 "source": "secalert@redhat.com",
 "tags": [
 "Mailing List",
 "Patch",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://openwall.com/lists/oss-security/2011/11/17/8",
 "source": "secalert@redhat.com",
 "tags": [
 "Mailing List",
 "Patch",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://secunia.com/advisories/47097",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://secunia.com/advisories/48577",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-201203-22.xml",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://trac.nginx.org/nginx/changeset/4268/nginx",
 "source": "secalert@redhat.com",
 "tags": [
 "Issue Tracking",
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.nginx.org/en/CHANGES-1.0",
 "source": "secalert@redhat.com",
 "tags": [
 "Release Notes",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/50710",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070569.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00005.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://openwall.com/lists/oss-security/2011/11/17/10",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mailing List",
 "Patch",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://openwall.com/lists/oss-security/2011/11/17/8",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mailing List",
 "Patch",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://secunia.com/advisories/47097",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://secunia.com/advisories/48577",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-201203-22.xml",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://trac.nginx.org/nginx/changeset/4268/nginx",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Issue Tracking",
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.nginx.org/en/CHANGES-1.0",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Release Notes",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/50710",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response."
 }
 },
 "CVE-2012-1180": {
 "cached_at": "2026-04-25T01:57:14.986986+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2012-1180",
 "sourceIdentifier": "secalert@redhat.com",
 "published": "2012-04-17T21:55:01.227",
 "lastModified": "2025-04-11T00:51:21.963",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request."
 },
 {
 "lang": "es",
 "value": "Una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en nginx v1.0.14 y v1.1.x antes de v1.1.17 permite obtener informaci\u00f3n sensible de la memoria del proceso a servidores remotos de HTTP a trav\u00e9s de una respuesta del backend modificada, junto con una petici\u00f3n de cliente."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-416"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "0.1.0",
 "versionEndExcluding": "1.0.14",
 "matchCriteriaId": "343EDF1A-0A61-4399-88AC-CAC4F670BC19"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "1.1.0",
 "versionEndExcluding": "1.1.17",
 "matchCriteriaId": "7194EAE0-70A4-47B9-A7D6-71EC56F33D52"
 }
 ]
 }
 ]
 },
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*",
 "matchCriteriaId": "9396E005-22D8-4342-9323-C7DEA379191D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*",
 "matchCriteriaId": "706C6399-CAD1-46E3-87A2-8DFE2CF497ED"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*",
 "matchCriteriaId": "2DA9D861-3EAF-42F5-B0B6-A4CD7BDD6188"
 }
 ]
 }
 ]
 },
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077966.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076646.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076671.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://nginx.org/download/patch.2012.memory.txt",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://nginx.org/en/security_advisories.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://osvdb.org/80124",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://seclists.org/bugtraq/2012/Mar/65",
 "source": "secalert@redhat.com",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://secunia.com/advisories/48465",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://secunia.com/advisories/48577",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-201203-22.xml",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://trac.nginx.org/nginx/changeset/4530/nginx",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://trac.nginx.org/nginx/changeset/4531/nginx",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.debian.org/security/2012/dsa-2434",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:043",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2012/03/15/5",
 "source": "secalert@redhat.com",
 "tags": [
 "Mailing List",
 "Patch",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2012/03/15/9",
 "source": "secalert@redhat.com",
 "tags": [
 "Mailing List",
 "Patch",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/52578",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securitytracker.com/id?1026827",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://bugzilla.redhat.com/show_bug.cgi?id=803856",
 "source": "secalert@redhat.com",
 "tags": [
 "Issue Tracking",
 "Third Party Advisory"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74191",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://hermes.opensuse.org/messages/14173096",
 "source": "secalert@redhat.com",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077966.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076646.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076671.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://nginx.org/download/patch.2012.memory.txt",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://nginx.org/en/security_advisories.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://osvdb.org/80124",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 },
 {
 "url": "http://seclists.org/bugtraq/2012/Mar/65",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://secunia.com/advisories/48465",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://secunia.com/advisories/48577",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://security.gentoo.org/glsa/glsa-201203-22.xml",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://trac.nginx.org/nginx/changeset/4530/nginx",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://trac.nginx.org/nginx/changeset/4531/nginx",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.debian.org/security/2012/dsa-2434",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:043",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2012/03/15/5",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mailing List",
 "Patch",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2012/03/15/9",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mailing List",
 "Patch",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/52578",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securitytracker.com/id?1026827",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://bugzilla.redhat.com/show_bug.cgi?id=803856",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Issue Tracking",
 "Third Party Advisory"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74191",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://hermes.opensuse.org/messages/14173096",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Broken Link"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request."
 }
 },
 "CVE-2012-2089": {
 "cached_at": "2026-04-25T01:57:16.210266+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2012-2089",
 "sourceIdentifier": "secalert@redhat.com",
 "published": "2012-04-17T21:55:01.353",
 "lastModified": "2025-04-11T00:51:21.963",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file."
 },
 {
 "lang": "es",
 "value": "Un desbordamiento de b\u00fafer en ngx_http_mp4_module.c en el m\u00f3dulo de ngx_http_mp4_module en nginx v1.0.7 a v1.0.14 y en v1.1.3 a v1.1.18, cuando se usa la directiva mp4, permite a atacantes remotos causar una denegaci\u00f3n de servicio (sobrescritura de memoria) o, posiblemente, ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo MP4 especificamente creado para este fin."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
 "baseScore": 6.8,
 "accessVector": "NETWORK",
 "accessComplexity": "MEDIUM",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 8.6,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": true
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-120"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "1.0.7",
 "versionEndIncluding": "1.0.14",
 "matchCriteriaId": "621F7555-4990-4EEA-88A1-1A12394F770B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "1.1.3",
 "versionEndIncluding": "1.1.18",
 "matchCriteriaId": "B8E39F08-328D-4C29-BDA9-0D11F8B54E65"
 }
 ]
 }
 ]
 },
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*",
 "matchCriteriaId": "9396E005-22D8-4342-9323-C7DEA379191D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*",
 "matchCriteriaId": "706C6399-CAD1-46E3-87A2-8DFE2CF497ED"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*",
 "matchCriteriaId": "2DA9D861-3EAF-42F5-B0B6-A4CD7BDD6188"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079388.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079467.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079474.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://nginx.org/en/security_advisories.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2012/04/12/9",
 "source": "secalert@redhat.com",
 "tags": [
 "Mailing List",
 "Patch",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/52999",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securitytracker.com/id?1026924",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74831",
 "source": "secalert@redhat.com",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079388.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079467.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079474.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://nginx.org/en/security_advisories.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.openwall.com/lists/oss-security/2012/04/12/9",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mailing List",
 "Patch",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/52999",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securitytracker.com/id?1026924",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74831",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file."
 }
 },
 "CVE-2011-4963": {
 "cached_at": "2026-04-25T01:57:17.347429+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2011-4963",
 "sourceIdentifier": "secalert@redhat.com",
 "published": "2012-07-26T19:55:00.980",
 "lastModified": "2025-04-11T00:51:21.963",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain \"$index_allocation\" sequences in a request."
 },
 {
 "lang": "es",
 "value": "nginx/Windows v1.3.x antes de v1.3.1 y v1.2.x antes de v1.2.1 permite a atacantes remotos eludir restricciones de acceso y acceder a archivos restringidos a trav\u00e9s de (1) un . (punto) final o (2) una serie de secuencias \"$index_allocation\" en una solicitud.\r\n"
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-noinfo"
 }
 ]
 }
 ],
 "configurations": [
 {
 "operator": "AND",
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
 "versionStartIncluding": "0.7.52",
 "versionEndExcluding": "1.2.1",
 "matchCriteriaId": "E14A396A-0D7D-476A-926E-DA011E8C0CB3"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:f5:nginx:1.3.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "645A3263-E14F-4A55-A6C7-C1DC8A6E1D26"
 }
 ]
 },
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": false,
 "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
 "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://english.securitylab.ru/lab/PT-2012-06",
 "source": "secalert@redhat.com",
 "tags": [
 "Mitigation",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Mitigation",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://nginx.org/en/security_advisories.html",
 "source": "secalert@redhat.com",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://english.securitylab.ru/lab/PT-2012-06",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mitigation",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://mailman.nginx.org/pipermail/nginx-announce/2012/000086.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mitigation",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://nginx.org/en/security_advisories.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Vendor Advisory"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain \"$index_allocation\" sequences in a request."
 }
 },
 "CVE-1999-0236": {
 "cached_at": "2026-04-25T01:23:08.693384+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-1999-0236",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1997-01-01T05:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs."
 }
 ],
 "metrics": {
 "cvssMetricV31": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "3.1",
 "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
 "baseScore": 7.5,
 "baseSeverity": "HIGH",
 "attackVector": "NETWORK",
 "attackComplexity": "LOW",
 "privilegesRequired": "NONE",
 "userInteraction": "NONE",
 "scope": "UNCHANGED",
 "confidentialityImpact": "HIGH",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "exploitabilityScore": 3.9,
 "impactScore": 3.6
 }
 ],
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-noinfo"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
 "versionEndExcluding": "1.0",
 "matchCriteriaId": "9A453C77-BCCD-4BE2-BE55-FE5E21F9EEBF"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:illinois:ncsa_httpd:-:*:*:*:*:*:*:*",
 "matchCriteriaId": "8D345E6D-976C-4D9C-8BF5-E4D41983A548"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0236",
 "source": "cve@mitre.org",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0236",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 }
 ]
 },
 "cvss": 7.5,
 "severity": "HIGH",
 "description": "ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs."
 }
 },
 "CVE-1999-0071": {
 "cached_at": "2026-04-25T01:23:09.701692+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-1999-0071",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1997-09-01T04:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Apache httpd cookie buffer overflow for versions 1.1.1 and earlier."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
 "baseScore": 7.5,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": true,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:1.1.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "4363C07C-179B-4797-947F-7440AD1F2D00"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0071",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0071",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Apache httpd cookie buffer overflow for versions 1.1.1 and earlier."
 }
 },
 "CVE-1999-0107": {
 "cached_at": "2026-04-25T01:23:10.560669+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-1999-0107",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1997-12-30T05:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "NONE",
 "integrityImpact": "NONE",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:0.8.11:*:*:*:*:*:*:*",
 "matchCriteriaId": "E80E240C-9879-48EC-AC9A-2C1FD5E2DD8E"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:0.8.14:*:*:*:*:*:*:*",
 "matchCriteriaId": "AF16AF7D-9475-435F-AE36-F16CE8F45A75"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:1.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "06F3141B-2C30-4230-A425-465E235539EE"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:1.0.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "B6D2C9EA-1241-4DE6-A6CD-FCD7EEC9B42D"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:1.0.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "B5EA86B9-4F86-4ADA-BC6A-4F6E261848F6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:1.0.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "CA6523AC-ECC9-4A79-9387-18308FCF9A68"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:1.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "BDCBCF0F-63FB-4A03-92F8-FF121083CD85"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:1.1.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "4363C07C-179B-4797-947F-7440AD1F2D00"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:1.2.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "AB26F3B0-04F8-43C1-9136-B85932F1C2F1"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0107",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0107",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters."
 }
 },
 "CVE-1999-1199": {
 "cached_at": "2026-04-25T01:23:11.492961+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-1999-1199",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1998-08-07T04:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the \"sioux\" vulnerability."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
 "baseScore": 10.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "COMPLETE",
 "integrityImpact": "COMPLETE",
 "availabilityImpact": "COMPLETE"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 10.0,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
 "versionEndIncluding": "1.3.1",
 "matchCriteriaId": "2CC36A25-1E07-49F0-9725-3F72EAEE6CAF"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://marc.info/?l=bugtraq&m=90252779826784&w=2",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=90276683825862&w=2",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=90280517007869&w=2",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=90286768232093&w=2",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=90252779826784&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=90276683825862&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=90280517007869&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=90286768232093&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.redhat.com/support/errata/rh51-errata-general.html#apache",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ],
 "vendorComments": [
 {
 "organization": "Apache",
 "comment": "Fixed in Apache HTTP Server 1.3.2:\nhttp://httpd.apache.org/security/vulnerabilities_13.html",
 "lastModified": "2008-07-02T00:00:00"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the \"sioux\" vulnerability."
 }
 },
 "CVE-1999-0448": {
 "cached_at": "2026-03-26T15:48:49.389350+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-1999-0448",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1999-01-01T05:00:00.000",
 "lastModified": "2025-04-03T01:03:51.193",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "5D47E9C4-5439-4A82-BBD8-D6B482B47E51"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0448",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0448",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request."
 }
 },
 "CVE-1999-0678": {
 "cached_at": "2026-04-25T01:23:12.545217+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-1999-0678",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1999-01-17T05:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "operator": "AND",
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*",
 "matchCriteriaId": "D623D8C0-65D2-4269-A1D4-5CB3899F44C8"
 }
 ]
 },
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": false,
 "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://www.securityfocus.com/bid/318",
 "source": "cve@mitre.org",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/318",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server."
 }
 },
 "CVE-1999-1412": {
 "cached_at": "2026-04-25T01:23:13.497796+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-1999-1412",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1999-06-03T04:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "NONE",
 "integrityImpact": "NONE",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-noinfo"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*",
 "matchCriteriaId": "D623D8C0-65D2-4269-A1D4-5CB3899F44C8"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:apple:macos:1.0:*:*:*:*:*:*:*",
 "matchCriteriaId": "51575CB1-A800-410A-BE8C-028FFD938245"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://www.securityfocus.com/archive/1/14215",
 "source": "cve@mitre.org",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/306",
 "source": "cve@mitre.org",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securityfocus.com/archive/1/14215",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/306",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes."
 }
 },
 "CVE-1999-1237": {
 "cached_at": "2026-04-25T01:23:14.590607+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-1999-1237",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1999-06-06T04:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
 "baseScore": 10.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "COMPLETE",
 "integrityImpact": "COMPLETE",
 "availabilityImpact": "COMPLETE"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 10.0,
 "acInsufInfo": false,
 "obtainAllPrivilege": true,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-120"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*",
 "matchCriteriaId": "D623D8C0-65D2-4269-A1D4-5CB3899F44C8"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://www.securityfocus.com/archive/1/14384",
 "source": "cve@mitre.org",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2272",
 "source": "cve@mitre.org",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://www.securityfocus.com/archive/1/14384",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2272",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods."
 }
 },
 "CVE-2000-1206": {
 "cached_at": "2026-04-25T01:23:15.626613+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2000-1206",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1999-08-20T04:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:1.3.9:*:*:*:*:*:*:*",
 "matchCriteriaId": "19C8989C-D8A6-4AE9-99B6-F2DAE5999EB6"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:1.3.10:*:*:*:*:*:*:*",
 "matchCriteriaId": "F715F8CB-A473-4374-8CF1-E9D74EBA5E8F"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://www.apacheweek.com/issues/00-01-07#status",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.apacheweek.com/issues/00-01-07#status",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ],
 "vendorComments": [
 {
 "organization": "Apache",
 "comment": "Fixed in Apache HTTP Server 1.3.11:\nhttp://httpd.apache.org/security/vulnerabilities_13.html",
 "lastModified": "2008-07-02T00:00:00"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files."
 }
 },
 "CVE-1999-0926": {
 "cached_at": "2026-04-25T01:23:16.806207+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-1999-0926",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1999-09-03T04:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Apache allows remote attackers to conduct a denial of service via a large number of MIME headers."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
 "baseScore": 10.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "COMPLETE",
 "integrityImpact": "COMPLETE",
 "availabilityImpact": "COMPLETE"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 10.0,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apache:http_server:1.2.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "AB26F3B0-04F8-43C1-9136-B85932F1C2F1"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://archives.neohapsis.com/archives/bugtraq/1998_3/0742.html",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://archives.neohapsis.com/archives/bugtraq/1998_3/0742.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Apache allows remote attackers to conduct a denial of service via a large number of MIME headers."
 }
 },
 "CVE-1999-0454": {
 "cached_at": "2026-03-26T15:48:56.455187+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-1999-0454",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1999-01-01T05:00:00.000",
 "lastModified": "2025-04-03T01:03:51.193",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "A remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
 "baseScore": 10.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "COMPLETE",
 "integrityImpact": "COMPLETE",
 "availabilityImpact": "COMPLETE"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 10.0,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "references": [
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2048",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2048",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "A remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso."
 }
 },
 "CVE-2002-0956": {
 "cached_at": "2026-03-26T15:48:57.495942+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2002-0956",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2002-10-04T04:00:00.000",
 "lastModified": "2025-04-03T01:03:51.193",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "BlackICE Agent 3.1.eal does not always reactivate after a system standby, which could allow remote attackers and local users to bypass intended firewall restrictions."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
 "baseScore": 7.5,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:iss:blackice_agent:3.1eal:*:*:*:*:*:*:*",
 "matchCriteriaId": "C4B3C750-334F-4BF8-82F0-27C8FD7D932D"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0090.html",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://online.securityfocus.com/archive/1/275710",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.iss.net/security_center/static/9275.php",
 "source": "cve@mitre.org",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/4950",
 "source": "cve@mitre.org",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0090.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://online.securityfocus.com/archive/1/275710",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.iss.net/security_center/static/9275.php",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/4950",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "BlackICE Agent 3.1.eal does not always reactivate after a system standby, which could allow remote attackers and local users to bypass intended firewall restrictions."
 }
 },
 "CVE-2006-4073": {
 "cached_at": "2026-03-26T15:48:58.464383+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2006-4073",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2006-08-11T01:04:00.000",
 "lastModified": "2025-04-03T01:03:51.193",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Multiple PHP remote file inclusion vulnerabilities in Fabian Hainz phpCC Beta 4.2 allow remote attackers to execute arbitrary PHP code via a URL in the base_dir parameter to (1) login.php, (2) reactivate.php, or (3) register.php."
 },
 {
 "lang": "es",
 "value": "M\u00faltiples vulnerabilidades de inclusi\u00f3n remota de archivo en PHP en Fabian Hainz phpCC Beta 4.2 permite a atacantes remotos ejecutar c\u00f3digo PHP de su elecci\u00f3n mediante una URL en el par\u00e1metro base_dir a (1) login.php, (2) reactivate.php, o (3) register.php."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
 "baseScore": 7.5,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": true,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:phpcc:phpcc:beta_4.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "973B60E8-FC41-41E0-97B4-0E945BE3A994"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://www.securityfocus.com/archive/1/442428/100/0/threaded",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.securityfocus.com/bid/19376",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit"
 ]
 },
 {
 "url": "http://www.solpotcrew.org/adv/solpot-adv-05.txt",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.vupen.com/english/advisories/2006/3199",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28259",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://www.exploit-db.com/exploits/2134",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.securityfocus.com/archive/1/442428/100/0/threaded",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.securityfocus.com/bid/19376",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit"
 ]
 },
 {
 "url": "http://www.solpotcrew.org/adv/solpot-adv-05.txt",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.vupen.com/english/advisories/2006/3199",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28259",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://www.exploit-db.com/exploits/2134",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Multiple PHP remote file inclusion vulnerabilities in Fabian Hainz phpCC Beta 4.2 allow remote attackers to execute arbitrary PHP code via a URL in the base_dir parameter to (1) login.php, (2) reactivate.php, or (3) register.php."
 }
 },
 "CVE-2007-1724": {
 "cached_at": "2026-03-26T15:48:59.412932+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2007-1724",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2007-03-28T00:19:00.000",
 "lastModified": "2025-04-09T00:30:58.490",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Unspecified vulnerability in ReactOS 0.3.1 has unknown impact and attack vectors, related to a fix for \"dozens of win32k bugs and failures,\" in which the fix itself introduces a vulnerability, possibly related to user-mode and kernel-mode copy failures."
 },
 {
 "lang": "es",
 "value": "Vulnerabilidad no especificada en ReactOS 0.3.1 tiene impacto y vectores de ataque desconocidos, relacionados con un parche para \"docenas de fallos y errores win32k\", en el que el propio parche reintroduce una vulnerabilidad, posiblemente relacionada con fallos de copia en user-mode y kernel-mode."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
 "baseScore": 10.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "COMPLETE",
 "integrityImpact": "COMPLETE",
 "availabilityImpact": "COMPLETE"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 10.0,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:reactos:reactos:0.3.1:*:*:*:*:*:*:*",
 "matchCriteriaId": "C581336D-F572-469A-B9F4-B71D6E9D5758"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://osvdb.org/43446",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.reactos.org/wiki/index.php/ChangeLog-0.3.1",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://osvdb.org/43446",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.reactos.org/wiki/index.php/ChangeLog-0.3.1",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Unspecified vulnerability in ReactOS 0.3.1 has unknown impact and attack vectors, related to a fix for \"dozens of win32k bugs and failures,\" in which the fix itself introduces a vulnerability, possibly related to user-mode and kernel-mode copy failures."
 }
 },
 "CVE-2007-4244": {
 "cached_at": "2026-03-26T15:49:00.339979+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2007-4244",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2007-08-08T23:17:00.000",
 "lastModified": "2025-04-09T00:30:58.490",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "PHP remote file inclusion vulnerability in langset.php in J! Reactions (com_jreactions) 1.8.1 and earlier, a Joomla! component, allows remote attackers to execute arbitrary PHP code via a URL in the comPath parameter."
 },
 {
 "lang": "es",
 "value": "Vulnerabilidad de inclusi\u00f3n remota de archivos PHP en el archivo langset.php en J! Reactions (com_jreactions) versiones 1.8.1 y anteriores, un componente de Joomla!, permite a atacantes remotos ejecutar c\u00f3digo PHP arbitrario por medio de una URL en el par\u00e1metro comPath."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
 "baseScore": 7.5,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-94"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:joomla:j_reactions:*:*:*:*:*:*:*:*",
 "versionEndIncluding": "1.8.1",
 "matchCriteriaId": "A18B10EB-8B7B-4BF9-AC61-ED1CDDC13102"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://securityreason.com/securityalert/2984",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.securityfocus.com/archive/1/475544/100/0/threaded",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.securityfocus.com/archive/1/477144/100/0/threaded",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.securityfocus.com/archive/1/477245/100/0/threaded",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.securityfocus.com/bid/25198",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit"
 ]
 },
 {
 "url": "http://yollubunlar.org/joomla-j-reactions-component-rfi-75.html",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35808",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://securityreason.com/securityalert/2984",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.securityfocus.com/archive/1/475544/100/0/threaded",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.securityfocus.com/archive/1/477144/100/0/threaded",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.securityfocus.com/archive/1/477245/100/0/threaded",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.securityfocus.com/bid/25198",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit"
 ]
 },
 {
 "url": "http://yollubunlar.org/joomla-j-reactions-component-rfi-75.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35808",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "PHP remote file inclusion vulnerability in langset.php in J! Reactions (com_jreactions) 1.8.1 and earlier, a Joomla! component, allows remote attackers to execute arbitrary PHP code via a URL in the comPath parameter."
 }
 },
 "CVE-2007-4844": {
 "cached_at": "2026-03-26T15:49:01.212576+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2007-4844",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2007-09-12T20:17:00.000",
 "lastModified": "2025-04-09T00:30:58.490",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "X-Diesel Unreal Commander 0.92 build 565 and 573 does not properly react to an FTP server's behavior after sending a \"CWD /\" command, which allows remote FTP servers to cause a denial of service (infinite loop) by (1) repeatedly sending a 550 error response, or (2) sending a 550 error response and then disconnecting."
 },
 {
 "lang": "es",
 "value": "X-Diesel Unreal Commander 0.92 build 565 y 573 no reacciona adecuadamente al comportamiento de un servidor FTP tras enviar un comando \"CWD /\", lo cual permite a servidores FTP remotos provocar una denegaci\u00f3n de servicio (bucle infinito) (1) enviando repetidamente una respuesta de error 550, o (2) enviando una respuesta de error 550 y despu\u00e9s desconectando."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
 "baseScore": 4.3,
 "accessVector": "NETWORK",
 "accessComplexity": "MEDIUM",
 "authentication": "NONE",
 "confidentialityImpact": "NONE",
 "integrityImpact": "NONE",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 8.6,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": true
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-20"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:x-diesel:unreal_commander:0.92_build565:*:*:*:*:*:*:*",
 "matchCriteriaId": "5E10A135-3DEA-4C76-8BDA-28252FE266E0"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:x-diesel:unreal_commander:0.92_build573:*:*:*:*:*:*:*",
 "matchCriteriaId": "A38B09DC-7E74-49EE-AA19-E9A542932AEF"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://blog.hispasec.com/lab/advisories/adv_UnrealCommander_0_92_build_573_Multiple_FTP_Based_Vulnerabilities.txt",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://osvdb.org/39616",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://securityreason.com/securityalert/3125",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.securityfocus.com/archive/1/478728/100/0/threaded",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.securityfocus.com/bid/25583",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36488",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://blog.hispasec.com/lab/advisories/adv_UnrealCommander_0_92_build_573_Multiple_FTP_Based_Vulnerabilities.txt",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://osvdb.org/39616",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://securityreason.com/securityalert/3125",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.securityfocus.com/archive/1/478728/100/0/threaded",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.securityfocus.com/bid/25583",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36488",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "X-Diesel Unreal Commander 0.92 build 565 and 573 does not properly react to an FTP server's behavior after sending a \"CWD /\" command, which allows remote FTP servers to cause a denial of service (infinite loop) by (1) repeatedly sending a 550 error response, or (2) sending a 550 error response and then disconnecting."
 }
 },
 "CVE-2017-7916": {
 "cached_at": "2026-03-26T15:49:02.162890+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2017-7916",
 "sourceIdentifier": "ics-cert@hq.dhs.gov",
 "published": "2017-08-07T08:29:00.197",
 "lastModified": "2025-04-20T01:37:25.860",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "A Permissions, Privileges, and Access Controls issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. The web application does not properly restrict privileges of the Guest account. A malicious user may be able to gain access to configuration information that should be restricted."
 },
 {
 "lang": "es",
 "value": "Se ha descubierto un problema de control de permisos, privilegios y accesos en ABB VSN300 WiFi Logger Card versiones 1.8.15 y anteriores, y VSN300 WiFi Logger Card for React versiones 2.1.3 y anteriores. La aplicaci\u00f3n web no restringe privilegios de la cuenta de invitado correctamente. Un usuario malicioso podr\u00eda ser capaz de conseguir acceso a informaci\u00f3n de configuraci\u00f3n que deber\u00eda estar restringida."
 }
 ],
 "metrics": {
 "cvssMetricV30": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "3.0",
 "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
 "baseScore": 6.5,
 "baseSeverity": "MEDIUM",
 "attackVector": "NETWORK",
 "attackComplexity": "LOW",
 "privilegesRequired": "LOW",
 "userInteraction": "NONE",
 "scope": "UNCHANGED",
 "confidentialityImpact": "HIGH",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "exploitabilityScore": 2.8,
 "impactScore": 3.6
 }
 ],
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
 "baseScore": 4.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "SINGLE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 8.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "ics-cert@hq.dhs.gov",
 "type": "Secondary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-264"
 }
 ]
 },
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-269"
 }
 ]
 }
 ],
 "configurations": [
 {
 "operator": "AND",
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:abb:vsn300_firmware:*:*:*:*:*:*:*:*",
 "versionEndIncluding": "1.8.15",
 "matchCriteriaId": "55CE1554-02F3-48C7-9358-5BFAE8C73088"
 }
 ]
 },
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": false,
 "criteria": "cpe:2.3:h:abb:vsn300:-:*:*:*:*:*:*:*",
 "matchCriteriaId": "440423E1-CF52-4E64-9FFF-BA00636DAB57"
 }
 ]
 }
 ]
 },
 {
 "operator": "AND",
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:abb:vsn300_for_react_firmware:2.1.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "7A99018B-9729-45B8-8E1C-1A3940329897"
 }
 ]
 },
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": false,
 "criteria": "cpe:2.3:h:abb:vsn300_for_react:-:*:*:*:*:*:*:*",
 "matchCriteriaId": "A14628BB-774D-436E-A2DF-C9CC66A1D3CE"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://search.abb.com/library/Download.aspx?DocumentID=9AKK107045A1977&LanguageCode=en&DocumentPartId=&Action=Launch",
 "source": "ics-cert@hq.dhs.gov",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/99558",
 "source": "ics-cert@hq.dhs.gov",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-192-03",
 "source": "ics-cert@hq.dhs.gov",
 "tags": [
 "Third Party Advisory",
 "US Government Resource"
 ]
 },
 {
 "url": "http://search.abb.com/library/Download.aspx?DocumentID=9AKK107045A1977&LanguageCode=en&DocumentPartId=&Action=Launch",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/99558",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-192-03",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "US Government Resource"
 ]
 }
 ]
 },
 "cvss": 6.5,
 "severity": "MEDIUM",
 "description": "A Permissions, Privileges, and Access Controls issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. The web application does not properly restrict privileges of the Guest account. A malicious user may be able to gain access to configuration information that should be restricted."
 }
 },
 "CVE-2017-7920": {
 "cached_at": "2026-03-26T15:49:03.241287+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2017-7920",
 "sourceIdentifier": "ics-cert@hq.dhs.gov",
 "published": "2017-08-07T08:29:00.243",
 "lastModified": "2025-04-20T01:37:25.860",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "An Improper Authentication issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access internal information about status and connected devices without authenticating."
 },
 {
 "lang": "es",
 "value": "Se ha descubierto un problema de autenticaci\u00f3n incorrecta en ABB VSN300 WiFi Logger Card versiones 1.8.15 y anteriores, y VSN300 WiFi Logger Card for React versiones 2.1.3 y anteriores. Al acceder a una URL concreta en el servidor web, un usuario malicioso es capaz de acceder a informaci\u00f3n interna acerca del estado y los dispositivos conectados sin autenticarse."
 }
 ],
 "metrics": {
 "cvssMetricV30": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "3.0",
 "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
 "baseScore": 7.5,
 "baseSeverity": "HIGH",
 "attackVector": "NETWORK",
 "attackComplexity": "LOW",
 "privilegesRequired": "NONE",
 "userInteraction": "NONE",
 "scope": "UNCHANGED",
 "confidentialityImpact": "HIGH",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "exploitabilityScore": 3.9,
 "impactScore": 3.6
 }
 ],
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "ics-cert@hq.dhs.gov",
 "type": "Secondary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-287"
 }
 ]
 },
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-287"
 }
 ]
 }
 ],
 "configurations": [
 {
 "operator": "AND",
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:abb:vsn300_firmware:*:*:*:*:*:*:*:*",
 "versionEndIncluding": "1.8.15",
 "matchCriteriaId": "55CE1554-02F3-48C7-9358-5BFAE8C73088"
 }
 ]
 },
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": false,
 "criteria": "cpe:2.3:h:abb:vsn300:-:*:*:*:*:*:*:*",
 "matchCriteriaId": "440423E1-CF52-4E64-9FFF-BA00636DAB57"
 }
 ]
 }
 ]
 },
 {
 "operator": "AND",
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:abb:vsn300_for_react_firmware:2.1.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "7A99018B-9729-45B8-8E1C-1A3940329897"
 }
 ]
 },
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": false,
 "criteria": "cpe:2.3:h:abb:vsn300_for_react:-:*:*:*:*:*:*:*",
 "matchCriteriaId": "A14628BB-774D-436E-A2DF-C9CC66A1D3CE"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://search.abb.com/library/Download.aspx?DocumentID=9AKK107045A1977&LanguageCode=en&DocumentPartId=&Action=Launch",
 "source": "ics-cert@hq.dhs.gov",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/99558",
 "source": "ics-cert@hq.dhs.gov",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-192-03",
 "source": "ics-cert@hq.dhs.gov",
 "tags": [
 "Third Party Advisory",
 "US Government Resource"
 ]
 },
 {
 "url": "http://search.abb.com/library/Download.aspx?DocumentID=9AKK107045A1977&LanguageCode=en&DocumentPartId=&Action=Launch",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/99558",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-192-03",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "US Government Resource"
 ]
 }
 ]
 },
 "cvss": 7.5,
 "severity": "HIGH",
 "description": "An Improper Authentication issue was discovered in ABB VSN300 WiFi Logger Card versions 1.8.15 and prior, and VSN300 WiFi Logger Card for React versions 2.1.3 and prior. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access internal information about status and connected devices without authenticating."
 }
 },
 "CVE-2017-1000386": {
 "cached_at": "2026-03-26T15:49:04.273280+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2017-1000386",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2018-01-26T02:29:00.267",
 "lastModified": "2024-11-21T03:04:36.670",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Jenkins Active Choices plugin version 1.5.3 and earlier allowed users with Job/Configure permission to provide arbitrary HTML to be shown on the 'Build With Parameters' page through the 'Active Choices Reactive Reference Parameter' type. This could include, for example, arbitrary JavaScript. Active Choices now sanitizes the HTML inserted on the 'Build With Parameters' page if and only if the script is executed in a sandbox. As unsandboxed scripts are subject to administrator approval, it is up to the administrator to allow or disallow problematic script output."
 },
 {
 "lang": "es",
 "value": "El plugin Jenkins Active Choices en versiones 1.5.3 y anteriores permit\u00eda que usuarios con el permiso Job/Configure proporcionasen HTML arbitrarios para que se mostrase en la p\u00e1gina \"Build With Parameters\" a trav\u00e9s del tipo \"Active Choices Reactive Reference Parameter\". Esto podr\u00eda incluir, por ejemplo, JavaScript arbitrario. Ahora, Active Choices sanea el HTML insertado en la p\u00e1gina \"Build With Parameters\" solo si el script se ejecuta en un sandbox. Como los scripts que no se ejecutan en sandbox est\u00e1n sujetos a la aprobaci\u00f3n del administrador, son estos usuarios los que deciden si permitir o no el env\u00edo de scripts problem\u00e1ticos."
 }
 ],
 "metrics": {
 "cvssMetricV30": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "3.0",
 "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
 "baseScore": 5.4,
 "baseSeverity": "MEDIUM",
 "attackVector": "NETWORK",
 "attackComplexity": "LOW",
 "privilegesRequired": "LOW",
 "userInteraction": "REQUIRED",
 "scope": "CHANGED",
 "confidentialityImpact": "LOW",
 "integrityImpact": "LOW",
 "availabilityImpact": "NONE"
 },
 "exploitabilityScore": 2.3,
 "impactScore": 2.7
 }
 ],
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
 "baseScore": 3.5,
 "accessVector": "NETWORK",
 "accessComplexity": "MEDIUM",
 "authentication": "SINGLE",
 "confidentialityImpact": "NONE",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "LOW",
 "exploitabilityScore": 6.8,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": true
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-79"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:jenkins:active_choices:*:*:*:*:*:jenkins:*:*",
 "versionEndIncluding": "1.5.2",
 "matchCriteriaId": "FF04CE1B-11E0-4AED-915E-AD009D611E38"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:jenkins:active_choices:1.5.3:-:*:*:*:*:*:*",
 "matchCriteriaId": "06243B6F-3511-4AF2-AA93-C03DA6DCA5C7"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:jenkins:active_choices:1.5.3:alpha:*:*:*:jenkins:*:*",
 "matchCriteriaId": "D4EDB876-32B4-4A2B-BB4B-DA098FB2D5D4"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://www.securityfocus.com/bid/101538",
 "source": "cve@mitre.org",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://jenkins.io/security/advisory/2017-10-23/",
 "source": "cve@mitre.org",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/101538",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "https://jenkins.io/security/advisory/2017-10-23/",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Vendor Advisory"
 ]
 }
 ]
 },
 "cvss": 5.4,
 "severity": "MEDIUM",
 "description": "Jenkins Active Choices plugin version 1.5.3 and earlier allowed users with Job/Configure permission to provide arbitrary HTML to be shown on the 'Build With Parameters' page through the 'Active Choices Reactive Reference Parameter' type. This could include, for example, arbitrary JavaScript. Active Choices now sanitizes the HTML inserted on the 'Build With Parameters' page if and only if the script is executed in a sandbox. As unsandboxed scripts are subject to administrator approval, it is up t"
 }
 },
 "CVE-2018-7197": {
 "cached_at": "2026-03-26T15:49:05.398230+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2018-7197",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2018-02-18T03:29:00.243",
 "lastModified": "2024-11-21T04:11:46.403",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "An issue was discovered in Pluck through 4.7.4. A stored cross-site scripting (XSS) vulnerability allows remote unauthenticated users to inject arbitrary web script or HTML into admin/blog Reaction Comments via a crafted URL."
 },
 {
 "lang": "es",
 "value": "Se ha descubierto un problema hasta la versi\u00f3n 4.7.4 de Pluck. Una vulnerabilidad de Cross-Site Scripting (XSS) persistente permite que usuarios remotos no autenticados inyecten scripts web o HTML arbitrarios en comentarios de reacci\u00f3n en admin/blog mediante una URL manipulada."
 }
 ],
 "metrics": {
 "cvssMetricV30": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "3.0",
 "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
 "baseScore": 6.1,
 "baseSeverity": "MEDIUM",
 "attackVector": "NETWORK",
 "attackComplexity": "LOW",
 "privilegesRequired": "NONE",
 "userInteraction": "REQUIRED",
 "scope": "CHANGED",
 "confidentialityImpact": "LOW",
 "integrityImpact": "LOW",
 "availabilityImpact": "NONE"
 },
 "exploitabilityScore": 2.8,
 "impactScore": 2.7
 }
 ],
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
 "baseScore": 4.3,
 "accessVector": "NETWORK",
 "accessComplexity": "MEDIUM",
 "authentication": "NONE",
 "confidentialityImpact": "NONE",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 8.6,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": true
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-79"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:pluck-cms:pluck:*:*:*:*:*:*:*:*",
 "versionEndIncluding": "4.7.4",
 "matchCriteriaId": "291F9561-FF87-4867-9C68-19FA59C5F3B4"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "https://github.com/pluck-cms/pluck/issues/47",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Third Party Advisory"
 ]
 },
 {
 "url": "https://github.com/pluck-cms/pluck/issues/47",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Third Party Advisory"
 ]
 }
 ]
 },
 "cvss": 6.1,
 "severity": "MEDIUM",
 "description": "An issue was discovered in Pluck through 4.7.4. A stored cross-site scripting (XSS) vulnerability allows remote unauthenticated users to inject arbitrary web script or HTML into admin/blog Reaction Comments via a crafted URL."
 }
 },
 "CVE-2004-1812": {
 "cached_at": "2026-03-26T15:49:07.642285+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2004-1812",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2004-12-31T05:00:00.000",
 "lastModified": "2025-04-03T01:03:51.193",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
 "baseScore": 10.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "COMPLETE",
 "integrityImpact": "COMPLETE",
 "availabilityImpact": "COMPLETE"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 10.0,
 "acInsufInfo": false,
 "obtainAllPrivilege": true,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:broadcom:unicenter_tng:2.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "D2C5704D-3337-4351-872B-AF987DC39BC5"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:broadcom:unicenter_tng:2.4.2:*:*:*:*:*:*:*",
 "matchCriteriaId": "6EFF2305-24CF-48F7-841E-63400CF25B48"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "ftp://ftp.ca.com/CAproducts/unicenter/CCS31/nt/qi52764/QI52764.DB0",
 "source": "cve@mitre.org",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=107936784030214&w=2",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://secunia.com/advisories/11131",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.derkeiler.com/Mailing-Lists/VulnWatch/2004-03/0008.html",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.immunitysec.com/downloads/awservices.sxw.pdf",
 "source": "cve@mitre.org",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/9863",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15472",
 "source": "cve@mitre.org"
 },
 {
 "url": "ftp://ftp.ca.com/CAproducts/unicenter/CCS31/nt/qi52764/QI52764.DB0",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=107936784030214&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://secunia.com/advisories/11131",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.derkeiler.com/Mailing-Lists/VulnWatch/2004-03/0008.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.immunitysec.com/downloads/awservices.sxw.pdf",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/9863",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15472",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code."
 }
 },
 "CVE-2004-2138": {
 "cached_at": "2026-03-26T15:49:08.502546+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2004-2138",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2004-12-31T05:00:00.000",
 "lastModified": "2025-04-03T01:03:51.193",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
 "baseScore": 6.8,
 "accessVector": "NETWORK",
 "accessComplexity": "MEDIUM",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 8.6,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": true,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:allwebscripts:mysqlguest:*:*:*:*:*:*:*:*",
 "matchCriteriaId": "0DFFA849-219B-4649-B78E-47659C0CBB54"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://securitytracker.com/id?1011376",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.computerknights.org/forum_viewtopic.php?2.122",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "URL Repurposed"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/11234",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17462",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://securitytracker.com/id?1011376",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.computerknights.org/forum_viewtopic.php?2.122",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "URL Repurposed"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/11234",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17462",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field."
 }
 },
 "CVE-2005-0116": {
 "cached_at": "2026-03-26T15:49:09.521885+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2005-0116",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2005-01-18T05:00:00.000",
 "lastModified": "2025-04-03T01:03:51.193",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
 "baseScore": 7.5,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": true,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-20"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:awstats:awstats:*:*:*:*:*:*:*:*",
 "versionEndIncluding": "6.3",
 "matchCriteriaId": "64A662D9-1187-489B-8E44-A409FFC808A6"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://awstats.sourceforge.net/docs/awstats_changelog.txt",
 "source": "cve@mitre.org",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://packetstormsecurity.org/0501-exploits/AWStatsVulnAnalysis.pdf",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://secunia.com/advisories/13893/",
 "source": "cve@mitre.org",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.idefense.com/application/poi/display?id=185&type=vulnerabilities&flashstatus=false",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.kb.cert.org/vuls/id/272296",
 "source": "cve@mitre.org",
 "tags": [
 "Patch",
 "Third Party Advisory",
 "US Government Resource"
 ]
 },
 {
 "url": "http://www.osvdb.org/13002",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://www.securityfocus.com/bid/12298",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://awstats.sourceforge.net/docs/awstats_changelog.txt",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://packetstormsecurity.org/0501-exploits/AWStatsVulnAnalysis.pdf",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://secunia.com/advisories/13893/",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.idefense.com/application/poi/display?id=185&type=vulnerabilities&flashstatus=false",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.kb.cert.org/vuls/id/272296",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Third Party Advisory",
 "US Government Resource"
 ]
 },
 {
 "url": "http://www.osvdb.org/13002",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 },
 {
 "url": "http://www.securityfocus.com/bid/12298",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl."
 }
 },
 "CVE-2005-0362": {
 "cached_at": "2026-03-26T15:49:10.363069+00:00",
 "data": {
 "verified": false,
 "data": null,
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "CVE not found in NVD database"
 }
 },
 "CVE-2005-0363": {
 "cached_at": "2026-03-26T15:49:11.349907+00:00",
 "data": {
 "verified": false,
 "data": null,
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "CVE not found in NVD database"
 }
 },
 "CVE-2005-0435": {
 "cached_at": "2026-03-26T15:49:12.447583+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2005-0435",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2005-05-02T04:00:00.000",
 "lastModified": "2025-04-03T01:03:51.193",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:awstats:awstats:6.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "24439BBC-DEDA-4309-B8B5-78289476052B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:awstats:awstats:6.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "25550AA8-8C79-48EA-A904-896B5B00077B"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://secunia.com/advisories/14299",
 "source": "cve@mitre.org",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/archive/1/390368",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19333",
 "source": "cve@mitre.org"
 },
 {
 "url": "http://secunia.com/advisories/14299",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/archive/1/390368",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 },
 {
 "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19333",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog."
 }
 },
 "CVE-2005-0436": {
 "cached_at": "2026-03-26T15:49:13.363911+00:00",
 "data": {
 "verified": false,
 "data": null,
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "CVE not found in NVD database"
 }
 },
 "CVE-2005-0437": {
 "cached_at": "2026-03-26T15:49:14.253044+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2005-0437",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2005-05-02T04:00:00.000",
 "lastModified": "2025-04-03T01:03:51.193",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to include arbitrary Perl modules via .. (dot dot) sequences in the loadplugin parameter."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
 "baseScore": 7.5,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:awstats:awstats:6.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "24439BBC-DEDA-4309-B8B5-78289476052B"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:awstats:awstats:6.4:*:*:*:*:*:*:*",
 "matchCriteriaId": "25550AA8-8C79-48EA-A904-896B5B00077B"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://secunia.com/advisories/14299",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/archive/1/390368",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://secunia.com/advisories/14299",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Patch",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/archive/1/390368",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to include arbitrary Perl modules via .. (dot dot) sequences in the loadplugin parameter."
 }
 },
 "CVE-2005-0438": {
 "cached_at": "2026-03-26T15:49:15.121451+00:00",
 "data": {
 "verified": false,
 "data": null,
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "CVE not found in NVD database"
 }
 },
 "CVE-2005-1527": {
 "cached_at": "2026-03-26T15:49:16.033614+00:00",
 "data": {
 "verified": false,
 "data": null,
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "CVE not found in NVD database"
 }
 },
 "CVE-2020-36363": {
 "cached_at": "2026-04-06T11:23:38.873825+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2020-36363",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2021-08-12T22:15:07.640",
 "lastModified": "2024-11-21T05:29:18.963",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, which some entities consider to be weak ciphers."
 },
 {
 "lang": "es",
 "value": "Amazon AWS CloudFront versi\u00f3n TLSv1.2_2019, permite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 y TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, que algunas entidades consideran cifrados d\u00e9biles."
 }
 ],
 "metrics": {
 "cvssMetricV31": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "3.1",
 "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
 "baseScore": 9.8,
 "baseSeverity": "CRITICAL",
 "attackVector": "NETWORK",
 "attackComplexity": "LOW",
 "privilegesRequired": "NONE",
 "userInteraction": "NONE",
 "scope": "UNCHANGED",
 "confidentialityImpact": "HIGH",
 "integrityImpact": "HIGH",
 "availabilityImpact": "HIGH"
 },
 "exploitabilityScore": 3.9,
 "impactScore": 5.9
 }
 ],
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
 "baseScore": 7.5,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-327"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:amazon:amazon_cloudfront:1.2_2019:*:*:*:*:*:*:*",
 "matchCriteriaId": "68F2AFC4-75CF-41C1-8A2E-7CC659E22969"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "https://aws.amazon.com/about-aws/whats-new/2020/07/cloudfront-tls-security-policy/",
 "source": "cve@mitre.org",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "https://stackoverflow.com/questions/62071604",
 "source": "cve@mitre.org",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "https://aws.amazon.com/about-aws/whats-new/2020/07/cloudfront-tls-security-policy/",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Vendor Advisory"
 ]
 },
 {
 "url": "https://stackoverflow.com/questions/62071604",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Third Party Advisory"
 ]
 }
 ]
 },
 "cvss": 9.8,
 "severity": "CRITICAL",
 "description": "Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, which some entities consider to be weak ciphers."
 }
 },
 "CVE-2025-57682": {
 "cached_at": "2026-04-06T11:23:40.003087+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-2025-57682",
 "sourceIdentifier": "cve@mitre.org",
 "published": "2025-09-22T16:15:45.837",
 "lastModified": "2025-10-14T19:56:26.170",
 "vulnStatus": "Analyzed",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Directory Traversal vulnerability in Papermark 0.20.0 and prior allows authenticated attackers to retrieve arbitrary files from an S3 bucket through its CloudFront distribution via the \"POST /api/file/s3/get-presigned-get-url-proxy\" API"
 }
 ],
 "metrics": {
 "cvssMetricV31": [
 {
 "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
 "type": "Secondary",
 "cvssData": {
 "version": "3.1",
 "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
 "baseScore": 6.5,
 "baseSeverity": "MEDIUM",
 "attackVector": "NETWORK",
 "attackComplexity": "LOW",
 "privilegesRequired": "LOW",
 "userInteraction": "NONE",
 "scope": "UNCHANGED",
 "confidentialityImpact": "HIGH",
 "integrityImpact": "NONE",
 "availabilityImpact": "NONE"
 },
 "exploitabilityScore": 2.8,
 "impactScore": 3.6
 }
 ]
 },
 "weaknesses": [
 {
 "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
 "type": "Secondary",
 "description": [
 {
 "lang": "en",
 "value": "CWE-22"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:papermark:papermark:*:*:*:*:*:*:*:*",
 "versionEndIncluding": "0.20.0",
 "matchCriteriaId": "B65047BA-7158-4377-A7EF-36251ECA94B7"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "https://github.com/dos-m0nk3y/CVE/tree/main/CVE-2025-57682",
 "source": "cve@mitre.org",
 "tags": [
 "Third Party Advisory"
 ]
 },
 {
 "url": "https://github.com/mfts/papermark",
 "source": "cve@mitre.org",
 "tags": [
 "Product"
 ]
 },
 {
 "url": "https://papermark.com/",
 "source": "cve@mitre.org",
 "tags": [
 "Product"
 ]
 }
 ]
 },
 "cvss": 6.5,
 "severity": "MEDIUM",
 "description": "Directory Traversal vulnerability in Papermark 0.20.0 and prior allows authenticated attackers to retrieve arbitrary files from an S3 bucket through its CloudFront distribution via the \"POST /api/file/s3/get-presigned-get-url-proxy\" API"
 }
 },
 "CVE-1999-1015": {
 "cached_at": "2026-04-07T23:20:17.168207+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-1999-1015",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1998-04-08T04:00:00.000",
 "lastModified": "2025-04-03T01:03:51.193",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
 "baseScore": 5.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "NONE",
 "integrityImpact": "NONE",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 10.0,
 "impactScore": 2.9,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:a:apple:appleshare_mail_server:5.0.3:*:*:*:*:*:*:*",
 "matchCriteriaId": "9BB5CA34-6F8B-42A8-9E2A-C13C648ED379"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://marc.info/?l=bugtraq&m=89200657216213&w=2",
 "source": "cve@mitre.org",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/61",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Third Party Advisory",
 "VDB Entry"
 ]
 },
 {
 "url": "http://marc.info/?l=bugtraq&m=89200657216213&w=2",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Mailing List",
 "Third Party Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/61",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Third Party Advisory",
 "VDB Entry"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command."
 }
 },
 "CVE-1999-1393": {
 "cached_at": "2026-04-07T23:20:17.845604+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-1999-1393",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1999-05-21T04:00:00.000",
 "lastModified": "2025-04-03T01:03:51.193",
 "vulnStatus": "Deferred",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "Control Panel \"Password Security\" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
 "baseScore": 4.6,
 "accessVector": "LOCAL",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "PARTIAL",
 "integrityImpact": "PARTIAL",
 "availabilityImpact": "PARTIAL"
 },
 "baseSeverity": "MEDIUM",
 "exploitabilityScore": 3.9,
 "impactScore": 6.4,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "configurations": [
 {
 "nodes": [
 {
 "operator": "OR",
 "negate": false,
 "cpeMatch": [
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:apple:macos:8.5:*:*:*:*:*:*:*",
 "matchCriteriaId": "B228B2A1-8897-4028-9744-B30021CC6ECB"
 },
 {
 "vulnerable": true,
 "criteria": "cpe:2.3:o:apple:macos:8.6:*:*:*:*:*:*:*",
 "matchCriteriaId": "5CD596AD-EBF4-4A02-88E2-54952FD19E09"
 }
 ]
 }
 ]
 }
 ],
 "references": [
 {
 "url": "http://freaky.staticusers.net/macsec/data/powerbooksecurity-data.html",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/532",
 "source": "cve@mitre.org",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://freaky.staticusers.net/macsec/data/powerbooksecurity-data.html",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 },
 {
 "url": "http://www.securityfocus.com/bid/532",
 "source": "af854a3a-2127-422b-91ae-364da2661108",
 "tags": [
 "Exploit",
 "Vendor Advisory"
 ]
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "Control Panel \"Password Security\" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible."
 }
 },
 "CVE-1999-0561": {
 "cached_at": "2026-04-25T01:44:20.786469+00:00",
 "data": {
 "verified": true,
 "data": {
 "id": "CVE-1999-0561",
 "sourceIdentifier": "cve@mitre.org",
 "published": "1999-01-01T05:00:00.000",
 "lastModified": "2026-04-16T00:27:16.627",
 "vulnStatus": "Modified",
 "cveTags": [],
 "descriptions": [
 {
 "lang": "en",
 "value": "IIS has the #exec function enabled for Server Side Include (SSI) files."
 }
 ],
 "metrics": {
 "cvssMetricV2": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "cvssData": {
 "version": "2.0",
 "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
 "baseScore": 10.0,
 "accessVector": "NETWORK",
 "accessComplexity": "LOW",
 "authentication": "NONE",
 "confidentialityImpact": "COMPLETE",
 "integrityImpact": "COMPLETE",
 "availabilityImpact": "COMPLETE"
 },
 "baseSeverity": "HIGH",
 "exploitabilityScore": 10.0,
 "impactScore": 10.0,
 "acInsufInfo": false,
 "obtainAllPrivilege": false,
 "obtainUserPrivilege": false,
 "obtainOtherPrivilege": false,
 "userInteractionRequired": false
 }
 ]
 },
 "weaknesses": [
 {
 "source": "nvd@nist.gov",
 "type": "Primary",
 "description": [
 {
 "lang": "en",
 "value": "NVD-CWE-Other"
 }
 ]
 }
 ],
 "references": [
 {
 "url": "https://www.cve.org/CVERecord?id=CVE-1999-0561",
 "source": "cve@mitre.org"
 },
 {
 "url": "https://www.cve.org/CVERecord?id=CVE-1999-0561",
 "source": "af854a3a-2127-422b-91ae-364da2661108"
 }
 ]
 },
 "cvss": 0.0,
 "severity": "UNKNOWN",
 "description": "IIS has the #exec function enabled for Server Side Include (SSI) files."
 }
 }
}