Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-3exb-uh1x-rkf8

Summary

Multiple vulnerabilities have been found in the UW IMAP toolkit and the
    c-client library, the worst of which leading to the execution of arbitrary
    code.

Aliases

alias	CVE-2008-5005

Fixed_packages

url	pkg:deb/debian/alpine@0?distro=trixie
purl	pkg:deb/debian/alpine@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/alpine@0%3Fdistro=trixie

url pkg:deb/debian/alpine@2.24%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/alpine@2.24%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-j774-u18y-z7dc

vulnerability	VCID-nskz-nvjh-yyff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/alpine@2.24%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/alpine@2.26%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/alpine@2.26%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/alpine@2.26%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/alpine@2.26%2Bdfsg-3?distro=trixie
purl	pkg:deb/debian/alpine@2.26%2Bdfsg-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/alpine@2.26%252Bdfsg-3%3Fdistro=trixie

url	pkg:deb/debian/alpine@2.26%2Bdfsg-5?distro=trixie
purl	pkg:deb/debian/alpine@2.26%2Bdfsg-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/alpine@2.26%252Bdfsg-5%3Fdistro=trixie

url	pkg:deb/debian/uw-imap@7:2007d~dfsg-1?distro=bullseye
purl	pkg:deb/debian/uw-imap@7:2007d~dfsg-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/uw-imap@7:2007d~dfsg-1%3Fdistro=bullseye

url pkg:deb/debian/uw-imap@8:2007e~dfsg-3.1

purl pkg:deb/debian/uw-imap@8:2007e~dfsg-3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dcbh-qs9z-ubaw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/uw-imap@8:2007e~dfsg-3.1

url	pkg:deb/debian/uw-imap@8:2007f~dfsg-7?distro=bullseye
purl	pkg:deb/debian/uw-imap@8:2007f~dfsg-7?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/uw-imap@8:2007f~dfsg-7%3Fdistro=bullseye

url	pkg:ebuild/net-libs/c-client@2007e
purl	pkg:ebuild/net-libs/c-client@2007e
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/c-client@2007e

url	pkg:ebuild/net-mail/uw-imap@2007e
purl	pkg:ebuild/net-mail/uw-imap@2007e
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-mail/uw-imap@2007e

Affected_packages

url pkg:deb/debian/uw-imap@4:2001adebian-6

purl pkg:deb/debian/uw-imap@4:2001adebian-6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3exb-uh1x-rkf8

vulnerability	VCID-5scr-2vxt-e7gz

vulnerability	VCID-6jh1-37ph-2bev

vulnerability	VCID-75gm-tz5w-qfan

vulnerability	VCID-anhs-xyx5-4fbf

vulnerability	VCID-dcbh-qs9z-ubaw

vulnerability	VCID-sme9-5sz7-yuh2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/uw-imap@4:2001adebian-6

url pkg:deb/debian/uw-imap@7:2002edebian1-11sarge1

purl pkg:deb/debian/uw-imap@7:2002edebian1-11sarge1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3exb-uh1x-rkf8

vulnerability	VCID-6jh1-37ph-2bev

vulnerability	VCID-75gm-tz5w-qfan

vulnerability	VCID-dcbh-qs9z-ubaw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/uw-imap@7:2002edebian1-11sarge1

url pkg:deb/debian/uw-imap@7:2002edebian1-13.1

purl pkg:deb/debian/uw-imap@7:2002edebian1-13.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3exb-uh1x-rkf8

vulnerability	VCID-6jh1-37ph-2bev

vulnerability	VCID-dcbh-qs9z-ubaw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/uw-imap@7:2002edebian1-13.1

url pkg:deb/debian/uw-imap@7:2002edebian1-13.1%2Betch1

purl pkg:deb/debian/uw-imap@7:2002edebian1-13.1%2Betch1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3exb-uh1x-rkf8

vulnerability	VCID-6jh1-37ph-2bev

vulnerability	VCID-dcbh-qs9z-ubaw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/uw-imap@7:2002edebian1-13.1%252Betch1

url pkg:deb/debian/uw-imap@7:2007b~dfsg-4%2Blenny3

purl pkg:deb/debian/uw-imap@7:2007b~dfsg-4%2Blenny3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3exb-uh1x-rkf8

vulnerability	VCID-6jh1-37ph-2bev

vulnerability	VCID-dcbh-qs9z-ubaw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/uw-imap@7:2007b~dfsg-4%252Blenny3

References

reference_url	http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002267.html
reference_id
reference_type
scores
url	http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002267.html

reference_url	http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002268.html
reference_id
reference_type
scores
url	http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002268.html

reference_url	http://marc.info/?l=full-disclosure&m=122572590212610&w=4
reference_id
reference_type
scores
url	http://marc.info/?l=full-disclosure&m=122572590212610&w=4

reference_url	http://panda.com/imap/
reference_id
reference_type
scores
url	http://panda.com/imap/

reference_url	http://rhn.redhat.com/errata/RHSA-2009-0275.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2009-0275.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5005.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5005.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

reference_id

reference_type

scores

value	0.04761
scoring_system	epss
scoring_elements	0.89465
published_at	2026-04-18T12:55:00Z

value	0.04761
scoring_system	epss
scoring_elements	0.89411
published_at	2026-04-01T12:55:00Z

value	0.04761
scoring_system	epss
scoring_elements	0.89415
published_at	2026-04-02T12:55:00Z

value	0.04761
scoring_system	epss
scoring_elements	0.89426
published_at	2026-04-04T12:55:00Z

value	0.04761
scoring_system	epss
scoring_elements	0.89427
published_at	2026-04-07T12:55:00Z

value	0.04761
scoring_system	epss
scoring_elements	0.89443
published_at	2026-04-08T12:55:00Z

value	0.04761
scoring_system	epss
scoring_elements	0.89447
published_at	2026-04-09T12:55:00Z

value	0.04761
scoring_system	epss
scoring_elements	0.89456
published_at	2026-04-11T12:55:00Z

value	0.04761
scoring_system	epss
scoring_elements	0.89454
published_at	2026-04-12T12:55:00Z

value	0.04761
scoring_system	epss
scoring_elements	0.89449
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5005

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5005
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5005

reference_url	http://secunia.com/advisories/32483
reference_id
reference_type
scores
url	http://secunia.com/advisories/32483

reference_url	http://secunia.com/advisories/32512
reference_id
reference_type
scores
url	http://secunia.com/advisories/32512

reference_url	http://secunia.com/advisories/33142
reference_id
reference_type
scores
url	http://secunia.com/advisories/33142

reference_url	http://secunia.com/advisories/33996
reference_id
reference_type
scores
url	http://secunia.com/advisories/33996

reference_url	http://securityreason.com/securityalert/4570
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/4570

reference_url	http://securitytracker.com/id?1021131
reference_id
reference_type
scores
url	http://securitytracker.com/id?1021131

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/46281
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/46281

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10485
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10485

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2009-065.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2009-065.htm

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00058.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00058.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00082.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00082.html

reference_url	http://www.bitsec.com/en/rad/bsa-081103.c
reference_id
reference_type
scores
url	http://www.bitsec.com/en/rad/bsa-081103.c

reference_url	http://www.bitsec.com/en/rad/bsa-081103.txt
reference_id
reference_type
scores
url	http://www.bitsec.com/en/rad/bsa-081103.txt

reference_url	http://www.debian.org/security/2008/dsa-1685
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1685

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:146
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:146

reference_url	http://www.openwall.com/lists/oss-security/2008/11/03/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/11/03/3

reference_url	http://www.openwall.com/lists/oss-security/2008/11/03/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/11/03/4

reference_url	http://www.openwall.com/lists/oss-security/2008/11/03/5
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/11/03/5

reference_url	http://www.securityfocus.com/archive/1/498002/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/498002/100/0/threaded

reference_url	http://www.securityfocus.com/bid/32072
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/32072

reference_url	http://www.vupen.com/english/advisories/2008/3042
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/3042

reference_url	http://www.washington.edu/alpine/tmailbug.html
reference_id
reference_type
scores
url	http://www.washington.edu/alpine/tmailbug.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=469667
reference_id	469667
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=469667

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.80:::::::*
reference_id	cpe:2.3:a:university_of_washington:alpine:0.80:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.80:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.81:::::::*
reference_id	cpe:2.3:a:university_of_washington:alpine:0.81:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.81:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.82:::::::*
reference_id	cpe:2.3:a:university_of_washington:alpine:0.82:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.82:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.83:::::::*
reference_id	cpe:2.3:a:university_of_washington:alpine:0.83:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.83:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.98:::::::*
reference_id	cpe:2.3:a:university_of_washington:alpine:0.98:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.98:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.99:::::::*
reference_id	cpe:2.3:a:university_of_washington:alpine:0.99:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.99:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.999:::::::*
reference_id	cpe:2.3:a:university_of_washington:alpine:0.999:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.999:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.9999:::::::*
reference_id	cpe:2.3:a:university_of_washington:alpine:0.9999:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.9999:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.99999:::::::*
reference_id	cpe:2.3:a:university_of_washington:alpine:0.99999:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.99999:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.999999:::::::*
reference_id	cpe:2.3:a:university_of_washington:alpine:0.999999:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:0.999999:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:1.00:::::::*
reference_id	cpe:2.3:a:university_of_washington:alpine:1.00:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:1.00:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:1.10:::::::*
reference_id	cpe:2.3:a:university_of_washington:alpine:1.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:1.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:2.00:::::::*
reference_id	cpe:2.3:a:university_of_washington:alpine:2.00:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:alpine:2.00:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2002:::::::*
reference_id	cpe:2.3:a:university_of_washington:imap_toolkit:2002:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2002:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2003:::::::*
reference_id	cpe:2.3:a:university_of_washington:imap_toolkit:2003:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2003:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2004:::::::*
reference_id	cpe:2.3:a:university_of_washington:imap_toolkit:2004:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2004:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2005:::::::*
reference_id	cpe:2.3:a:university_of_washington:imap_toolkit:2005:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2005:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2006:::::::*
reference_id	cpe:2.3:a:university_of_washington:imap_toolkit:2006:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2006:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2007:::::::*
reference_id	cpe:2.3:a:university_of_washington:imap_toolkit:2007:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2007:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2007c:::::::*
reference_id	cpe:2.3:a:university_of_washington:imap_toolkit:2007c:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_washington:imap_toolkit:2007c:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-5005

reference_id

CVE-2008-5005

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2008-5005

reference_url	https://security.gentoo.org/glsa/200911-03
reference_id	GLSA-200911-03
reference_type
scores
url	https://security.gentoo.org/glsa/200911-03

reference_url	https://access.redhat.com/errata/RHSA-2009:0275
reference_id	RHSA-2009:0275
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0275

Weaknesses

cwe_id	119
name	Improper Restriction of Operations within the Bounds of a Memory Buffer
description	The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Exploits

Severity_range_score 10.0 - 10.0

Exploitability 0.5

Weighted_severity 9.0

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3exb-uh1x-rkf8

Vulnerability Instance