[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-11985":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":341,"aliases":342,"duplicate_of":9,"upstream":343,"downstream":344,"duplicates":355,"related":356,"reserved_at":9,"published_at":358,"modified_at":359,"state":360,"summary":361,"references_raw":369,"kevs":443,"epss":444,"epss_history":447,"metrics":695,"affected":706},"CVE-2020-11985","IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-345","Insufficient Verification of Data Authenticity","The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.","weakness","Draft","Class",[19,23,76,88,109,113,117,121,125,129,133,337],{"id":20,"name":21,"techniques":22},"CAPEC-111","JSON Hijacking (aka JavaScript Hijacking)",[],{"id":24,"name":25,"techniques":26},"CAPEC-141","Cache Poisoning",[27],{"id":28,"name":29,"tactics":30,"countermeasures":37},"T1557.002","ARP Cache Poisoning",[31,34],{"id":32,"name":33},"TA0031","Credential Access",{"id":35,"name":36},"TA0100","Collection",[38,43,47,51,55,59,63,67,71],{"id":39,"name":40,"tactic":41},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":42},"Detect",{"id":44,"name":45,"tactic":46},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":42},{"id":48,"name":49,"tactic":50},"D3-CSPP","Client-server Payload Profiling",{"name":42},{"id":52,"name":53,"tactic":54},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":42},{"id":56,"name":57,"tactic":58},"D3-NTSA","Network Traffic Signature Analysis",{"name":42},{"id":60,"name":61,"tactic":62},"D3-APCA","Application Protocol Command Analysis",{"name":42},{"id":64,"name":65,"tactic":66},"D3-NTCD","Network Traffic Community Deviation",{"name":42},{"id":68,"name":69,"tactic":70},"D3-RTSD","Remote Terminal Session Detection",{"name":42},{"id":72,"name":73,"tactic":74},"D3-NTF","Network Traffic Filtering",{"name":75},"Isolate",{"id":77,"name":78,"techniques":79},"CAPEC-142","DNS Cache Poisoning",[80],{"id":81,"name":82,"tactics":83,"countermeasures":87},"T1584.002","DNS Server",[84],{"id":85,"name":86},"TA0042","Resource Development",[],{"id":89,"name":90,"techniques":91},"CAPEC-148","Content Spoofing",[92],{"id":93,"name":94,"tactics":95,"countermeasures":99},"T1491","Defacement",[96],{"id":97,"name":98},"TA0105","Impact",[100,105],{"id":101,"name":102,"tactic":103},"D3-DNR","Decoy Network Resource",{"name":104},"Deceive",{"id":106,"name":107,"tactic":108},"D3-NRAM","Network Resource Access Mediation",{"name":75},{"id":110,"name":111,"techniques":112},"CAPEC-218","Spoofing of UDDI/ebXML Messages",[],{"id":114,"name":115,"techniques":116},"CAPEC-384","Application API Message Manipulation via Man-in-the-Middle",[],{"id":118,"name":119,"techniques":120},"CAPEC-385","Transaction or Event Tampering via Application API Manipulation",[],{"id":122,"name":123,"techniques":124},"CAPEC-386","Application API Navigation Remapping",[],{"id":126,"name":127,"techniques":128},"CAPEC-387","Navigation Remapping To Propagate Malicious Content",[],{"id":130,"name":131,"techniques":132},"CAPEC-388","Application API Button Hijacking",[],{"id":134,"name":135,"techniques":136},"CAPEC-665","Exploitation of Thunderbolt Protection Flaws",[137,173,213],{"id":138,"name":139,"tactics":140,"countermeasures":147},"T1211","Exploitation for Stealth",[141,144],{"id":142,"name":143},"TA0030","Defense Evasion",{"id":145,"name":146},"TA0005","Stealth",[148,152,156,160,165,169],{"id":149,"name":150,"tactic":151},"D3-MBT","Memory Boundary Tracking",{"name":42},{"id":153,"name":154,"tactic":155},"D3-PCSV","Process Code Segment Verification",{"name":42},{"id":157,"name":158,"tactic":159},"D3-SSC","Shadow Stack Comparisons",{"name":42},{"id":161,"name":162,"tactic":163},"D3-PSEP","Process Segment Execution Prevention",{"name":164},"Harden",{"id":166,"name":167,"tactic":168},"D3-SAOR","Segment Address Offset Randomization",{"name":164},{"id":170,"name":171,"tactic":172},"D3-SFCV","Stack Frame Canary Validation",{"name":164},{"id":174,"name":175,"tactics":176,"countermeasures":182},"T1542.002","Component Firmware",[177,178,179],{"id":142,"name":143},{"id":145,"name":146},{"id":180,"name":181},"TA0110","Persistence",[183,188,192,196,200,204,208],{"id":184,"name":185,"tactic":186},"D3-SWI","Software Inventory",{"name":187},"Model",{"id":189,"name":190,"tactic":191},"D3-AVE","Asset Vulnerability Enumeration",{"name":187},{"id":193,"name":194,"tactic":195},"D3-FEMC","Firmware Embedded Monitoring Code",{"name":42},{"id":197,"name":198,"tactic":199},"D3-FV","Firmware Verification",{"name":42},{"id":201,"name":202,"tactic":203},"D3-FBA","Firmware Behavior Analysis",{"name":42},{"id":205,"name":206,"tactic":207},"D3-SU","Software Update",{"name":164},{"id":209,"name":210,"tactic":211},"D3-RS","Restore Software",{"name":212},"Restore",{"id":214,"name":215,"tactics":216,"countermeasures":223},"T1556","Modify Authentication Process",[217,218,221,222],{"id":142,"name":143},{"id":219,"name":220},"TA0112","Defense Impairment",{"id":180,"name":181},{"id":32,"name":33},[224,228,232,236,240,244,248,252,256,260,265,269,273,277,281,285,289,293,297,301,305,309,313,317,321,325,329,333],{"id":225,"name":226,"tactic":227},"D3-CI","Configuration Inventory",{"name":187},{"id":229,"name":230,"tactic":231},"D3-NTPM","Network Traffic Policy Mapping",{"name":187},{"id":233,"name":234,"tactic":235},"D3-AM","Access Modeling",{"name":187},{"id":237,"name":238,"tactic":239},"D3-FA","File Analysis",{"name":42},{"id":241,"name":242,"tactic":243},"D3-FIM","File Integrity Monitoring",{"name":42},{"id":245,"name":246,"tactic":247},"D3-PLA","Process Lineage Analysis",{"name":42},{"id":249,"name":250,"tactic":251},"D3-PSMD","Process Self-Modification Detection",{"name":42},{"id":253,"name":254,"tactic":255},"D3-PSA","Process Spawn Analysis",{"name":42},{"id":257,"name":258,"tactic":259},"D3-SFA","System File Analysis",{"name":42},{"id":261,"name":262,"tactic":263},"D3-FEV","File Eviction",{"name":264},"Evict",{"id":266,"name":267,"tactic":268},"D3-PT","Process Termination",{"name":264},{"id":270,"name":271,"tactic":272},"D3-PS","Process Suspension",{"name":264},{"id":274,"name":275,"tactic":276},"D3-HR","Host Reboot",{"name":264},{"id":278,"name":279,"tactic":280},"D3-HS","Host Shutdown",{"name":264},{"id":282,"name":283,"tactic":284},"D3-DF","Decoy File",{"name":104},{"id":286,"name":287,"tactic":288},"D3-FE","File Encryption",{"name":164},{"id":290,"name":291,"tactic":292},"D3-RF","Restore File",{"name":212},{"id":294,"name":295,"tactic":296},"D3-RC","Restore Configuration",{"name":212},{"id":298,"name":299,"tactic":300},"D3-CF","Content Filtering",{"name":75},{"id":302,"name":303,"tactic":304},"D3-LFP","Local File Permissions",{"name":75},{"id":306,"name":307,"tactic":308},"D3-RFAM","Remote File Access Mediation",{"name":75},{"id":310,"name":311,"tactic":312},"D3-CQ","Content Quarantine",{"name":75},{"id":314,"name":315,"tactic":316},"D3-CM","Content Modification",{"name":75},{"id":318,"name":319,"tactic":320},"D3-KBPI","Kernel-based Process Isolation",{"name":75},{"id":322,"name":323,"tactic":324},"D3-SCF","System Call Filtering",{"name":75},{"id":326,"name":327,"tactic":328},"D3-HBPI","Hardware-based Process Isolation",{"name":75},{"id":330,"name":331,"tactic":332},"D3-ABPI","Application-based Process Isolation",{"name":75},{"id":334,"name":335,"tactic":336},"D3-WSAM","Web Session Access Mediation",{"name":75},{"id":338,"name":339,"techniques":340},"CAPEC-701","Browser in the Middle (BiTM)",[],[],[],[],[345,347,349,351,353],{"_key":346},"SUSE-SU-2020:2450-1",{"_key":348},"DEBIAN-CVE-2020-11985",{"_key":350},"RHBA-2015:2194",{"_key":352},"RHSA-2017:1161",{"_key":354},"UBUNTU-CVE-2020-11985",[],[357],{"_key":346},"2020-08-07T15:36:31.000Z","2024-08-04T11:48:58.232Z","Modified",{"cisa_kev":362,"cisa_ransomware":362,"cisa_vendor":9,"epss_severity":363,"epss_score":364,"severity":363,"severity_score":365,"severity_version":366,"severity_source":367,"severity_vector":368,"severity_status":360},false,"medium",0.15318,5.3,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",[370,377,383,388,392,396,401,407,411,415,419,423,427,431,435,439],{"url":371,"sources":372,"tags":374},"https://httpd.apache.org/security/vulnerabilities_24.html",[373,367],"cve.org",[375,376],"X Refsource MISC","Vendor Advisory",{"url":378,"sources":379,"tags":380},"https://security.gentoo.org/glsa/202008-04",[373,367],[376,381,382],"X Refsource GENTOO","Third Party Advisory",{"url":384,"sources":385,"tags":386},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYVYE2ZERFXDV6RMKK3I5SDSDQLPSEIQ/",[373,367],[376,387],"X Refsource FEDORA",{"url":389,"sources":390,"tags":391},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/",[373,367],[376,387],{"url":393,"sources":394,"tags":395},"https://www.oracle.com/security-alerts/cpujan2021.html",[373,367],[375],{"url":397,"sources":398,"tags":399},"https://security.netapp.com/advisory/ntap-20200827-0002/",[373,367],[400],"X Refsource CONFIRM",{"url":402,"sources":403,"tags":404},"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",[373,367],[405,406],"Mailing List","X Refsource MLIST",{"url":408,"sources":409,"tags":410},"https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E",[373,367],[405,406],{"url":412,"sources":413,"tags":414},"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",[373,367],[405,406],{"url":416,"sources":417,"tags":418},"https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E",[373,367],[405,406],{"url":420,"sources":421,"tags":422},"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",[373,367],[405,406],{"url":424,"sources":425,"tags":426},"https://lists.apache.org/thread.html/r3c5c3104813c1c5508b55564b66546933079250a46ce50eee90b2e36%40%3Ccvs.httpd.apache.org%3E",[373,367],[405,406],{"url":428,"sources":429,"tags":430},"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",[373,367],[405,406],{"url":432,"sources":433,"tags":434},"https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9%40%3Ccvs.httpd.apache.org%3E",[373,367],[405,406],{"url":436,"sources":437,"tags":438},"https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E",[373,367],[405,406],{"url":440,"sources":441,"tags":442},"https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",[373,367],[405,406],[],{"date":445,"score":364,"percentile":446},"2026-06-04",0.94754,[448,452,454,457,460,463,465,467,469,472,475,478,480,482,484,488,491,494,496,498,501,503,505,507,509,511,515,519,523,526,529,532,535,538,541,543,546,549,552,555,558,561,563,566,569,572,574,577,579,582,584,587,590,592,596,599,602,605,608,611,614,617,619,622,624,627,629,632,635,638,641,643,646,648,651,653,655,658,660,663,666,669,672,675,678,680,683,686,688,691],{"date":449,"score":450,"percentile":451},"2025-11-04",0.39655,0.97129,{"date":453,"score":450,"percentile":451},"2025-11-05",{"date":455,"score":450,"percentile":456},"2025-11-06",0.9713,{"date":458,"score":450,"percentile":459},"2025-11-07",0.97133,{"date":461,"score":450,"percentile":462},"2025-11-08",0.97131,{"date":464,"score":450,"percentile":462},"2025-11-09",{"date":466,"score":450,"percentile":456},"2025-11-10",{"date":468,"score":450,"percentile":462},"2025-11-11",{"date":470,"score":450,"percentile":471},"2025-11-12",0.97134,{"date":473,"score":450,"percentile":474},"2025-11-13",0.97135,{"date":476,"score":450,"percentile":477},"2025-11-14",0.97136,{"date":479,"score":450,"percentile":459},"2025-11-15",{"date":481,"score":450,"percentile":471},"2025-11-16",{"date":483,"score":450,"percentile":474},"2025-11-17",{"date":485,"score":486,"percentile":487},"2025-11-18",0.03718,0.86805,{"date":489,"score":486,"percentile":490},"2025-11-19",0.86806,{"date":492,"score":486,"percentile":493},"2025-11-20",0.86807,{"date":495,"score":450,"percentile":474},"2025-11-21",{"date":497,"score":450,"percentile":459},"2025-11-22",{"date":499,"score":450,"percentile":500},"2025-11-23",0.97132,{"date":502,"score":450,"percentile":474},"2025-11-24",{"date":504,"score":450,"percentile":474},"2025-11-25",{"date":506,"score":450,"percentile":474},"2025-11-26",{"date":508,"score":450,"percentile":477},"2025-11-27",{"date":510,"score":450,"percentile":474},"2025-11-28",{"date":512,"score":513,"percentile":514},"2025-11-29",0.24928,0.95937,{"date":516,"score":517,"percentile":518},"2025-11-30",0.17306,0.94774,{"date":520,"score":521,"percentile":522},"2025-12-01",0.1538,0.94415,{"date":524,"score":521,"percentile":525},"2025-12-02",0.94417,{"date":527,"score":521,"percentile":528},"2025-12-03",0.94418,{"date":530,"score":517,"percentile":531},"2025-12-04",0.94775,{"date":533,"score":517,"percentile":534},"2025-12-05",0.94778,{"date":536,"score":517,"percentile":537},"2025-12-06",0.94779,{"date":539,"score":517,"percentile":540},"2025-12-07",0.94785,{"date":542,"score":517,"percentile":540},"2025-12-08",{"date":544,"score":517,"percentile":545},"2025-12-09",0.94789,{"date":547,"score":517,"percentile":548},"2025-12-10",0.94797,{"date":550,"score":517,"percentile":551},"2025-12-11",0.94799,{"date":553,"score":517,"percentile":554},"2025-12-12",0.94803,{"date":556,"score":517,"percentile":557},"2025-12-13",0.94801,{"date":559,"score":517,"percentile":560},"2025-12-14",0.948,{"date":562,"score":517,"percentile":554},"2025-12-15",{"date":564,"score":517,"percentile":565},"2025-12-16",0.94805,{"date":567,"score":517,"percentile":568},"2025-12-17",0.94808,{"date":570,"score":517,"percentile":571},"2025-12-18",0.94809,{"date":573,"score":517,"percentile":571},"2025-12-19",{"date":575,"score":517,"percentile":576},"2025-12-20",0.94811,{"date":578,"score":517,"percentile":576},"2025-12-21",{"date":580,"score":517,"percentile":581},"2025-12-22",0.9481,{"date":583,"score":517,"percentile":581},"2025-12-23",{"date":585,"score":517,"percentile":586},"2025-12-24",0.94815,{"date":588,"score":517,"percentile":589},"2025-12-25",0.94822,{"date":591,"score":517,"percentile":589},"2025-12-26",{"date":593,"score":594,"percentile":595},"2025-12-27",0.25905,0.96116,{"date":597,"score":517,"percentile":598},"2025-12-28",0.94817,{"date":600,"score":517,"percentile":601},"2025-12-29",0.94818,{"date":603,"score":517,"percentile":604},"2025-12-30",0.94819,{"date":606,"score":517,"percentile":607},"2025-12-31",0.94823,{"date":609,"score":521,"percentile":610},"2026-01-01",0.94469,{"date":612,"score":521,"percentile":613},"2026-01-02",0.94462,{"date":615,"score":521,"percentile":616},"2026-01-03",0.94459,{"date":618,"score":517,"percentile":586},"2026-01-04",{"date":620,"score":517,"percentile":621},"2026-01-05",0.94813,{"date":623,"score":517,"percentile":621},"2026-01-06",{"date":625,"score":517,"percentile":626},"2026-01-07",0.94814,{"date":628,"score":517,"percentile":604},"2026-01-08",{"date":630,"score":364,"percentile":631},"2026-01-09",0.94408,{"date":633,"score":364,"percentile":634},"2026-01-10",0.9441,{"date":636,"score":364,"percentile":637},"2026-01-11",0.94407,{"date":639,"score":364,"percentile":640},"2026-01-12",0.94405,{"date":642,"score":364,"percentile":637},"2026-01-13",{"date":644,"score":364,"percentile":645},"2026-01-14",0.94411,{"date":647,"score":364,"percentile":645},"2026-01-15",{"date":649,"score":364,"percentile":650},"2026-01-16",0.94414,{"date":652,"score":364,"percentile":525},"2026-01-17",{"date":654,"score":364,"percentile":650},"2026-01-18",{"date":656,"score":364,"percentile":657},"2026-01-19",0.94412,{"date":659,"score":364,"percentile":525},"2026-01-20",{"date":661,"score":364,"percentile":662},"2026-01-21",0.94419,{"date":664,"score":364,"percentile":665},"2026-01-22",0.94422,{"date":667,"score":364,"percentile":668},"2026-01-23",0.94429,{"date":670,"score":364,"percentile":671},"2026-01-24",0.94433,{"date":673,"score":364,"percentile":674},"2026-01-25",0.94434,{"date":676,"score":364,"percentile":677},"2026-01-26",0.94436,{"date":679,"score":364,"percentile":677},"2026-01-27",{"date":681,"score":364,"percentile":682},"2026-01-28",0.9444,{"date":684,"score":364,"percentile":685},"2026-01-29",0.94441,{"date":687,"score":364,"percentile":682},"2026-01-30",{"date":689,"score":364,"percentile":690},"2026-01-31",0.94443,{"date":692,"score":693,"percentile":694},"2026-02-01",0.13382,0.94029,[696],{"source":367,"cvss_v2_0":697,"cvss_v3_0":9,"cvss_v3_1":702,"cvss_v4_0":9},{"baseScore":698,"baseSeverity":9,"vectorString":699,"impactScore":700,"exploitabilityScore":701},4.3,"AV:N/AC:M/Au:N/C:N/I:P/A:N",2.9,8.6,{"baseScore":365,"baseSeverity":703,"vectorString":368,"impactScore":704,"exploitabilityScore":705},"MEDIUM",2.3,10,[707],{"ecosystem":9,"name":708,"vendor":9,"product":708,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":709},"HTTP Server",[710],{"version":711,"is_range":712,"range_type":713,"version_start":714,"version_start_type":715,"version_end":716,"version_end_type":715,"fixed_in":9},"gte2.4.1_lte2.4.23",true,"cpe","2.4.1","including","2.4.23"]