Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/php@4.3.9-3?arch=29

Type rpm

Namespace redhat

Name php

Version 4.3.9-3

Qualifiers

arch	29

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url VCID-3mtj-3s5r-jqf4

vulnerability_id VCID-3mtj-3s5r-jqf4

summary

Multiple vulnerabilities were found in PHP, the worst of which leading to
    the remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3291.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3291.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3291

reference_id

reference_type

scores

value	0.02209
scoring_system	epss
scoring_elements	0.84383
published_at	2026-04-01T12:55:00Z

value	0.02209
scoring_system	epss
scoring_elements	0.84398
published_at	2026-04-02T12:55:00Z

value	0.02209
scoring_system	epss
scoring_elements	0.84418
published_at	2026-04-04T12:55:00Z

value	0.02209
scoring_system	epss
scoring_elements	0.84421
published_at	2026-04-07T12:55:00Z

value	0.02209
scoring_system	epss
scoring_elements	0.84442
published_at	2026-04-08T12:55:00Z

value	0.02209
scoring_system	epss
scoring_elements	0.84447
published_at	2026-04-09T12:55:00Z

value	0.02209
scoring_system	epss
scoring_elements	0.84466
published_at	2026-04-11T12:55:00Z

value	0.02209
scoring_system	epss
scoring_elements	0.8446
published_at	2026-04-12T12:55:00Z

value	0.02209
scoring_system	epss
scoring_elements	0.84455
published_at	2026-04-13T12:55:00Z

value	0.02209
scoring_system	epss
scoring_elements	0.84477
published_at	2026-04-16T12:55:00Z

value	0.02209
scoring_system	epss
scoring_elements	0.84478
published_at	2026-04-18T12:55:00Z

value	0.02209
scoring_system	epss
scoring_elements	0.8448
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3291

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=524228
reference_id	524228
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=524228

reference_url	https://security.gentoo.org/glsa/201001-03
reference_id	GLSA-201001-03
reference_type
scores
url	https://security.gentoo.org/glsa/201001-03

reference_url	https://access.redhat.com/errata/RHSA-2010:0040
reference_id	RHSA-2010:0040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0040

reference_url	https://usn.ubuntu.com/862-1/
reference_id	USN-862-1
reference_type
scores
url	https://usn.ubuntu.com/862-1/

fixed_packages

aliases CVE-2009-3291

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3mtj-3s5r-jqf4

url

VCID-4ehv-84qa-fubx

vulnerability_id

VCID-4ehv-84qa-fubx

summary

The GD library is prone to a buffer overflow vulnerability.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3546.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3546.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3546

reference_id

reference_type

scores

value	0.04125
scoring_system	epss
scoring_elements	0.8858
published_at	2026-04-01T12:55:00Z

value	0.04125
scoring_system	epss
scoring_elements	0.88589
published_at	2026-04-02T12:55:00Z

value	0.04125
scoring_system	epss
scoring_elements	0.88606
published_at	2026-04-04T12:55:00Z

value	0.04125
scoring_system	epss
scoring_elements	0.88608
published_at	2026-04-07T12:55:00Z

value	0.04125
scoring_system	epss
scoring_elements	0.88627
published_at	2026-04-08T12:55:00Z

value	0.04125
scoring_system	epss
scoring_elements	0.88631
published_at	2026-04-09T12:55:00Z

value	0.04125
scoring_system	epss
scoring_elements	0.88643
published_at	2026-04-11T12:55:00Z

value	0.04663
scoring_system	epss
scoring_elements	0.89327
published_at	2026-04-21T12:55:00Z

value	0.04663
scoring_system	epss
scoring_elements	0.89322
published_at	2026-04-12T12:55:00Z

value	0.04663
scoring_system	epss
scoring_elements	0.89319
published_at	2026-04-13T12:55:00Z

value	0.04663
scoring_system	epss
scoring_elements	0.89332
published_at	2026-04-16T12:55:00Z

value	0.04663
scoring_system	epss
scoring_elements	0.89331
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3546

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=529213
reference_id	529213
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=529213

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552534
reference_id	552534
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552534

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601525
reference_id	601525
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601525

reference_url	https://security.archlinux.org/ASA-201701-1
reference_id	ASA-201701-1
reference_type
scores
url	https://security.archlinux.org/ASA-201701-1

reference_url

https://security.archlinux.org/AVG-16

reference_id

AVG-16

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-16

reference_url	https://security.gentoo.org/glsa/201001-03
reference_id	GLSA-201001-03
reference_type
scores
url	https://security.gentoo.org/glsa/201001-03

reference_url	https://security.gentoo.org/glsa/201006-16
reference_id	GLSA-201006-16
reference_type
scores
url	https://security.gentoo.org/glsa/201006-16

reference_url	https://access.redhat.com/errata/RHSA-2010:0003
reference_id	RHSA-2010:0003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0003

reference_url	https://access.redhat.com/errata/RHSA-2010:0040
reference_id	RHSA-2010:0040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0040

reference_url	https://usn.ubuntu.com/854-1/
reference_id	USN-854-1
reference_type
scores
url	https://usn.ubuntu.com/854-1/

fixed_packages

aliases

CVE-2009-3546

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-4ehv-84qa-fubx

url

VCID-cj5p-bytf-pqfw

vulnerability_id

VCID-cj5p-bytf-pqfw

summary

Multiple vulnerabilities were found in PHP, the worst of which leading to
    the remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4142.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4142.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-4142

reference_id

reference_type

scores

value	0.16946
scoring_system	epss
scoring_elements	0.94938
published_at	2026-04-01T12:55:00Z

value	0.16946
scoring_system	epss
scoring_elements	0.94947
published_at	2026-04-02T12:55:00Z

value	0.16946
scoring_system	epss
scoring_elements	0.94949
published_at	2026-04-04T12:55:00Z

value	0.16946
scoring_system	epss
scoring_elements	0.94951
published_at	2026-04-07T12:55:00Z

value	0.16946
scoring_system	epss
scoring_elements	0.94959
published_at	2026-04-08T12:55:00Z

value	0.16946
scoring_system	epss
scoring_elements	0.94963
published_at	2026-04-09T12:55:00Z

value	0.16946
scoring_system	epss
scoring_elements	0.94968
published_at	2026-04-11T12:55:00Z

value	0.16946
scoring_system	epss
scoring_elements	0.94969
published_at	2026-04-12T12:55:00Z

value	0.16946
scoring_system	epss
scoring_elements	0.94972
published_at	2026-04-13T12:55:00Z

value	0.16946
scoring_system	epss
scoring_elements	0.9498
published_at	2026-04-16T12:55:00Z

value	0.16946
scoring_system	epss
scoring_elements	0.94984
published_at	2026-04-18T12:55:00Z

value	0.16946
scoring_system	epss
scoring_elements	0.94987
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-4142

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=548516
reference_id	548516
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=548516

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/33414.php
reference_id	CVE-2009-4142;OSVDB-61209
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/33414.php

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/33415.php
reference_id	CVE-2009-4142;OSVDB-61209
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/33415.php

reference_url	https://www.securityfocus.com/bid/37389/info
reference_id	CVE-2009-4142;OSVDB-61209
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/37389/info

reference_url	https://security.gentoo.org/glsa/201001-03
reference_id	GLSA-201001-03
reference_type
scores
url	https://security.gentoo.org/glsa/201001-03

reference_url	https://access.redhat.com/errata/RHSA-2010:0040
reference_id	RHSA-2010:0040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0040

reference_url	https://usn.ubuntu.com/882-1/
reference_id	USN-882-1
reference_type
scores
url	https://usn.ubuntu.com/882-1/

fixed_packages

aliases

CVE-2009-4142

risk_score

0.4

exploitability

2.0

weighted_severity

0.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-cj5p-bytf-pqfw

url VCID-nzc1-7c19-3qa3

vulnerability_id VCID-nzc1-7c19-3qa3

summary

Multiple vulnerabilities were found in PHP, the worst of which leading to
    the remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3292.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3292.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3292

reference_id

reference_type

scores

value	0.03611
scoring_system	epss
scoring_elements	0.8773
published_at	2026-04-01T12:55:00Z

value	0.03611
scoring_system	epss
scoring_elements	0.87741
published_at	2026-04-02T12:55:00Z

value	0.03611
scoring_system	epss
scoring_elements	0.87754
published_at	2026-04-04T12:55:00Z

value	0.03611
scoring_system	epss
scoring_elements	0.87757
published_at	2026-04-07T12:55:00Z

value	0.03611
scoring_system	epss
scoring_elements	0.87777
published_at	2026-04-08T12:55:00Z

value	0.03611
scoring_system	epss
scoring_elements	0.87784
published_at	2026-04-09T12:55:00Z

value	0.03611
scoring_system	epss
scoring_elements	0.87795
published_at	2026-04-11T12:55:00Z

value	0.03611
scoring_system	epss
scoring_elements	0.8779
published_at	2026-04-12T12:55:00Z

value	0.03611
scoring_system	epss
scoring_elements	0.87788
published_at	2026-04-13T12:55:00Z

value	0.03611
scoring_system	epss
scoring_elements	0.87802
published_at	2026-04-16T12:55:00Z

value	0.03611
scoring_system	epss
scoring_elements	0.87801
published_at	2026-04-18T12:55:00Z

value	0.03611
scoring_system	epss
scoring_elements	0.87799
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3292

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=524222
reference_id	524222
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=524222

reference_url	https://security.gentoo.org/glsa/201001-03
reference_id	GLSA-201001-03
reference_type
scores
url	https://security.gentoo.org/glsa/201001-03

reference_url	https://access.redhat.com/errata/RHSA-2010:0040
reference_id	RHSA-2010:0040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0040

reference_url	https://usn.ubuntu.com/862-1/
reference_id	USN-862-1
reference_type
scores
url	https://usn.ubuntu.com/862-1/

fixed_packages

aliases CVE-2009-3292

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nzc1-7c19-3qa3

url

VCID-pxje-hj73-k7d8

vulnerability_id

VCID-pxje-hj73-k7d8

summary

Multiple vulnerabilities were found in PHP, the worst of which leading to
    the remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2687.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2687.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2687

reference_id

reference_type

scores

value	0.11713
scoring_system	epss
scoring_elements	0.93651
published_at	2026-04-01T12:55:00Z

value	0.11713
scoring_system	epss
scoring_elements	0.93661
published_at	2026-04-02T12:55:00Z

value	0.11713
scoring_system	epss
scoring_elements	0.9367
published_at	2026-04-04T12:55:00Z

value	0.11713
scoring_system	epss
scoring_elements	0.93672
published_at	2026-04-07T12:55:00Z

value	0.11713
scoring_system	epss
scoring_elements	0.9368
published_at	2026-04-08T12:55:00Z

value	0.11713
scoring_system	epss
scoring_elements	0.93683
published_at	2026-04-09T12:55:00Z

value	0.11713
scoring_system	epss
scoring_elements	0.93687
published_at	2026-04-12T12:55:00Z

value	0.11713
scoring_system	epss
scoring_elements	0.93688
published_at	2026-04-13T12:55:00Z

value	0.11713
scoring_system	epss
scoring_elements	0.93705
published_at	2026-04-16T12:55:00Z

value	0.11713
scoring_system	epss
scoring_elements	0.93712
published_at	2026-04-18T12:55:00Z

value	0.11713
scoring_system	epss
scoring_elements	0.93715
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2687

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=506896
reference_id	506896
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=506896

reference_url	https://security.gentoo.org/glsa/201001-03
reference_id	GLSA-201001-03
reference_type
scores
url	https://security.gentoo.org/glsa/201001-03

reference_url	https://access.redhat.com/errata/RHSA-2010:0040
reference_id	RHSA-2010:0040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0040

reference_url	https://usn.ubuntu.com/824-1/
reference_id	USN-824-1
reference_type
scores
url	https://usn.ubuntu.com/824-1/

fixed_packages

aliases

CVE-2009-2687

risk_score

0.1

exploitability

0.5

weighted_severity

0.1

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-pxje-hj73-k7d8

url VCID-xkkh-8crx-ffgg

vulnerability_id VCID-xkkh-8crx-ffgg

summary

Multiple vulnerabilities were found in PHP, the worst of which leading to
    the remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4017.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4017.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-4017

reference_id

reference_type

scores

value	0.0143
scoring_system	epss
scoring_elements	0.806
published_at	2026-04-01T12:55:00Z

value	0.0143
scoring_system	epss
scoring_elements	0.80607
published_at	2026-04-02T12:55:00Z

value	0.0143
scoring_system	epss
scoring_elements	0.80629
published_at	2026-04-04T12:55:00Z

value	0.0143
scoring_system	epss
scoring_elements	0.80623
published_at	2026-04-07T12:55:00Z

value	0.0143
scoring_system	epss
scoring_elements	0.8065
published_at	2026-04-08T12:55:00Z

value	0.0143
scoring_system	epss
scoring_elements	0.8066
published_at	2026-04-09T12:55:00Z

value	0.0143
scoring_system	epss
scoring_elements	0.80676
published_at	2026-04-11T12:55:00Z

value	0.0143
scoring_system	epss
scoring_elements	0.80663
published_at	2026-04-12T12:55:00Z

value	0.0143
scoring_system	epss
scoring_elements	0.80655
published_at	2026-04-13T12:55:00Z

value	0.01918
scoring_system	epss
scoring_elements	0.8337
published_at	2026-04-16T12:55:00Z

value	0.01918
scoring_system	epss
scoring_elements	0.83371
published_at	2026-04-18T12:55:00Z

value	0.01918
scoring_system	epss
scoring_elements	0.83372
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-4017

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=540459
reference_id	540459
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=540459

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/10242.py
reference_id	CVE-2009-4017;OSVDB-60451
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/10242.py

reference_url	https://security.gentoo.org/glsa/201001-03
reference_id	GLSA-201001-03
reference_type
scores
url	https://security.gentoo.org/glsa/201001-03

reference_url	https://access.redhat.com/errata/RHSA-2010:0040
reference_id	RHSA-2010:0040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0040

reference_url	https://usn.ubuntu.com/862-1/
reference_id	USN-862-1
reference_type
scores
url	https://usn.ubuntu.com/862-1/

fixed_packages

aliases CVE-2009-4017

risk_score null

exploitability 2.0

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xkkh-8crx-ffgg

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@4.3.9-3%3Farch=29

Package Instance