Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-fpye-8fe9-m7du

Summary

Multiple vulnerabilities in Python may allow for the execution of arbitrary
    code.

Aliases

alias	CVE-2008-3143

Fixed_packages

url	pkg:ebuild/dev-lang/python@2.5.2-r6
purl	pkg:ebuild/dev-lang/python@2.5.2-r6
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@2.5.2-r6

Affected_packages

url pkg:rpm/redhat/python@2.2.3-6?arch=11

purl pkg:rpm/redhat/python@2.2.3-6?arch=11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-24m5-6chr-y7a8

vulnerability	VCID-38yx-1h5j-4kb1

vulnerability	VCID-bas7-hr7c-r7b3

vulnerability	VCID-fpye-8fe9-m7du

vulnerability	VCID-g65j-xhje-hkd4

vulnerability	VCID-qh23-73q6-pubf

vulnerability	VCID-wznk-5ze9-kucq

vulnerability	VCID-yser-kjy9-e7ck

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python@2.2.3-6%3Farch=11

url pkg:rpm/redhat/python@2.3.4-14.7.el4_8?arch=2

purl pkg:rpm/redhat/python@2.3.4-14.7.el4_8?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-24m5-6chr-y7a8

vulnerability	VCID-38yx-1h5j-4kb1

vulnerability	VCID-b3m1-mjke-n3br

vulnerability	VCID-bas7-hr7c-r7b3

vulnerability	VCID-fpye-8fe9-m7du

vulnerability	VCID-g65j-xhje-hkd4

vulnerability	VCID-qh23-73q6-pubf

vulnerability	VCID-wznk-5ze9-kucq

vulnerability	VCID-yser-kjy9-e7ck

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python@2.3.4-14.7.el4_8%3Farch=2

url pkg:rpm/redhat/python@2.4.3-24.el5_3?arch=6

purl pkg:rpm/redhat/python@2.4.3-24.el5_3?arch=6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-24m5-6chr-y7a8

vulnerability	VCID-38yx-1h5j-4kb1

vulnerability	VCID-b3m1-mjke-n3br

vulnerability	VCID-bas7-hr7c-r7b3

vulnerability	VCID-fpye-8fe9-m7du

vulnerability	VCID-g65j-xhje-hkd4

vulnerability	VCID-k8aa-5wqq-73h3

vulnerability	VCID-q7b1-n4tc-dffa

vulnerability	VCID-qh23-73q6-pubf

vulnerability	VCID-wznk-5ze9-kucq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python@2.4.3-24.el5_3%3Farch=6

References

reference_url	http://bugs.gentoo.org/show_bug.cgi?id=232137
reference_id
reference_type
scores
url	http://bugs.gentoo.org/show_bug.cgi?id=232137

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3143.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3143.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3143

reference_id

reference_type

scores

value	0.01548
scoring_system	epss
scoring_elements	0.8148
published_at	2026-04-29T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81343
published_at	2026-04-01T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81353
published_at	2026-04-02T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81375
published_at	2026-04-04T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81372
published_at	2026-04-07T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81401
published_at	2026-04-08T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81405
published_at	2026-04-09T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81427
published_at	2026-04-11T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81414
published_at	2026-04-12T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81407
published_at	2026-04-13T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81444
published_at	2026-04-16T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81445
published_at	2026-04-18T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81446
published_at	2026-04-21T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81468
published_at	2026-04-24T12:55:00Z

value	0.01548
scoring_system	epss
scoring_elements	0.81475
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3143

reference_url	http://secunia.com/advisories/31332
reference_id
reference_type
scores
url	http://secunia.com/advisories/31332

reference_url	http://secunia.com/advisories/31365
reference_id
reference_type
scores
url	http://secunia.com/advisories/31365

reference_url	http://secunia.com/advisories/31473
reference_id
reference_type
scores
url	http://secunia.com/advisories/31473

reference_url	http://secunia.com/advisories/31518
reference_id
reference_type
scores
url	http://secunia.com/advisories/31518

reference_url	http://secunia.com/advisories/31687
reference_id
reference_type
scores
url	http://secunia.com/advisories/31687

reference_url	http://secunia.com/advisories/32793
reference_id
reference_type
scores
url	http://secunia.com/advisories/32793

reference_url	http://secunia.com/advisories/37471
reference_id
reference_type
scores
url	http://secunia.com/advisories/37471

reference_url	http://security.gentoo.org/glsa/glsa-200807-16.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200807-16.xml

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7720
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7720

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8996
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8996

reference_url	http://svn.python.org/view?rev=60793&view=rev
reference_id
reference_type
scores
url	http://svn.python.org/view?rev=60793&view=rev

reference_url	http://wiki.rpath.com/Advisories:rPSA-2008-0243
reference_id
reference_type
scores
url	http://wiki.rpath.com/Advisories:rPSA-2008-0243

reference_url	http://www.debian.org/security/2008/dsa-1667
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1667

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:163
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:163

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:164
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:164

reference_url	http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900
reference_id
reference_type
scores
url	http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5032900

reference_url	http://www.python.org/download/releases/2.5.2/NEWS.txt
reference_id
reference_type
scores
url	http://www.python.org/download/releases/2.5.2/NEWS.txt

reference_url	http://www.python.org/download/releases/2.6/NEWS.txt
reference_id
reference_type
scores
url	http://www.python.org/download/releases/2.6/NEWS.txt

reference_url	http://www.securityfocus.com/archive/1/495445/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/495445/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/507985/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/507985/100/0/threaded

reference_url	http://www.securityfocus.com/bid/30491
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/30491

reference_url	http://www.ubuntu.com/usn/usn-632-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-632-1

reference_url	http://www.vmware.com/security/advisories/VMSA-2009-0016.html
reference_id
reference_type
scores
url	http://www.vmware.com/security/advisories/VMSA-2009-0016.html

reference_url	http://www.vupen.com/english/advisories/2008/2288
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2288

reference_url	http://www.vupen.com/english/advisories/2009/3316
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/3316

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=455013
reference_id	455013
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=455013

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-3143

reference_id

CVE-2008-3143

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-3143

reference_url	https://security.gentoo.org/glsa/200807-16
reference_id	GLSA-200807-16
reference_type
scores
url	https://security.gentoo.org/glsa/200807-16

reference_url	https://access.redhat.com/errata/RHSA-2009:1176
reference_id	RHSA-2009:1176
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1176

reference_url	https://access.redhat.com/errata/RHSA-2009:1177
reference_id	RHSA-2009:1177
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1177

reference_url	https://access.redhat.com/errata/RHSA-2009:1178
reference_id	RHSA-2009:1178
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1178

reference_url	https://usn.ubuntu.com/632-1/
reference_id	USN-632-1
reference_type
scores
url	https://usn.ubuntu.com/632-1/

Weaknesses

cwe_id	190
name	Integer Overflow or Wraparound
description	The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

Exploits

Severity_range_score 7.5 - 7.5

Exploitability 0.5

Weighted_severity 6.8

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fpye-8fe9-m7du

Vulnerability Instance