{"alias":[],"description":"The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For headers in a request.","epss":{"percentile":"0.83512","score":"0.019280"},"id":"CVE-2012-3526","metrics":{"cvss2":{"ac_insuf_info":0,"access_complexity":"LOW","access_vector":"NETWORK","authentication":"NONE","availability_impact":"PARTIAL","base_score":5.0,"base_severity":"MEDIUM","confidentiality_impact":"NONE","exploitability_score":10.0,"impact_score":2.9,"integrity_impact":"NONE","obtain_all_privilege":0,"obtain_other_privilege":0,"obtain_user_privilege":0,"user_interaction_required":0,"vector_string":"AV:N\/AC:L\/Au:N\/C:N\/I:N\/A:P","version":"2.0"}},"modified":"2026-04-29T01:13:23","nvd_status":"Modified","published":"2012-09-05T23:55:01","score":5.0,"severity":"MEDIUM","source":"secalert@redhat.com","status":"PUBLISHED","weaknesses":[]}