Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-sxc2-qmst-kub2

Summary

BEA JRockit contains several vulnerabilities, some of which may allow the
    execution of arbitrary code.

Aliases

alias	CVE-2007-3503

Fixed_packages

url	pkg:ebuild/dev-java/jrockit-jdk-bin@1.5.0.11_p1
purl	pkg:ebuild/dev-java/jrockit-jdk-bin@1.5.0.11_p1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/jrockit-jdk-bin@1.5.0.11_p1

Affected_packages

url pkg:rpm/redhat/java-1.5.0-bea@1.5.0.11-1jpp.1?arch=el5

purl pkg:rpm/redhat/java-1.5.0-bea@1.5.0.11-1jpp.1?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3fbs-tg62-affp

vulnerability	VCID-d5e5-vaa8-wbdr

vulnerability	VCID-s828-4jhd-3be6

vulnerability	VCID-shkc-uvbb-3bgc

vulnerability	VCID-sxc2-qmst-kub2

vulnerability	VCID-yugs-rwuf-q7gh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-bea@1.5.0.11-1jpp.1%3Farch=el5

url pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.5-1jpp.0.1?arch=el5

purl pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.5-1jpp.0.1?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3fbs-tg62-affp

vulnerability	VCID-d5e5-vaa8-wbdr

vulnerability	VCID-ea5j-wj8f-tkfj

vulnerability	VCID-qhun-34fa-xygm

vulnerability	VCID-s828-4jhd-3be6

vulnerability	VCID-sxc2-qmst-kub2

vulnerability	VCID-ybjz-2xqf-2ub1

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.5-1jpp.0.1%3Farch=el5

url pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.5-1jpp.2?arch=el4

purl pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.5-1jpp.2?arch=el4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3fbs-tg62-affp

vulnerability	VCID-d5e5-vaa8-wbdr

vulnerability	VCID-ea5j-wj8f-tkfj

vulnerability	VCID-qhun-34fa-xygm

vulnerability	VCID-s828-4jhd-3be6

vulnerability	VCID-sxc2-qmst-kub2

vulnerability	VCID-ybjz-2xqf-2ub1

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-ibm@1:1.5.0.5-1jpp.2%3Farch=el4

url pkg:rpm/redhat/java-1.5.0-sun@1.5.0.12-1jpp.2?arch=el4

purl pkg:rpm/redhat/java-1.5.0-sun@1.5.0.12-1jpp.2?arch=el4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ea5j-wj8f-tkfj

vulnerability	VCID-sxc2-qmst-kub2

vulnerability	VCID-ybjz-2xqf-2ub1

vulnerability	VCID-yugs-rwuf-q7gh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.5.0-sun@1.5.0.12-1jpp.2%3Farch=el4

References

reference_url	http://dev2dev.bea.com/pub/advisory/248
reference_id
reference_type
scores
url	http://dev2dev.bea.com/pub/advisory/248

reference_url	http://docs.info.apple.com/article.html?artnum=307177
reference_id
reference_type
scores
url	http://docs.info.apple.com/article.html?artnum=307177

reference_url	http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html

reference_url	http://osvdb.org/36488
reference_id
reference_type
scores
url	http://osvdb.org/36488

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3503.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3503.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-3503

reference_id

reference_type

scores

value	0.01057
scoring_system	epss
scoring_elements	0.77643
published_at	2026-04-18T12:55:00Z

value	0.01057
scoring_system	epss
scoring_elements	0.77548
published_at	2026-04-01T12:55:00Z

value	0.01057
scoring_system	epss
scoring_elements	0.77555
published_at	2026-04-02T12:55:00Z

value	0.01057
scoring_system	epss
scoring_elements	0.77581
published_at	2026-04-04T12:55:00Z

value	0.01057
scoring_system	epss
scoring_elements	0.77561
published_at	2026-04-07T12:55:00Z

value	0.01057
scoring_system	epss
scoring_elements	0.77591
published_at	2026-04-08T12:55:00Z

value	0.01057
scoring_system	epss
scoring_elements	0.77598
published_at	2026-04-09T12:55:00Z

value	0.01057
scoring_system	epss
scoring_elements	0.77625
published_at	2026-04-11T12:55:00Z

value	0.01057
scoring_system	epss
scoring_elements	0.77609
published_at	2026-04-12T12:55:00Z

value	0.01057
scoring_system	epss
scoring_elements	0.77608
published_at	2026-04-13T12:55:00Z

value	0.01057
scoring_system	epss
scoring_elements	0.77645
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-3503

reference_url	http://secunia.com/advisories/25769
reference_id
reference_type
scores
url	http://secunia.com/advisories/25769

reference_url	http://secunia.com/advisories/26314
reference_id
reference_type
scores
url	http://secunia.com/advisories/26314

reference_url	http://secunia.com/advisories/26369
reference_id
reference_type
scores
url	http://secunia.com/advisories/26369

reference_url	http://secunia.com/advisories/26631
reference_id
reference_type
scores
url	http://secunia.com/advisories/26631

reference_url	http://secunia.com/advisories/26645
reference_id
reference_type
scores
url	http://secunia.com/advisories/26645

reference_url	http://secunia.com/advisories/26933
reference_id
reference_type
scores
url	http://secunia.com/advisories/26933

reference_url	http://secunia.com/advisories/27203
reference_id
reference_type
scores
url	http://secunia.com/advisories/27203

reference_url	http://secunia.com/advisories/28115
reference_id
reference_type
scores
url	http://secunia.com/advisories/28115

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/35168
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/35168

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10704
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10704

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200709-15.xml

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0818.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0818.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0829.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0829.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0956.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0956.html

reference_url	http://www.securityfocus.com/bid/24690
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/24690

reference_url	http://www.securitytracker.com/id?1018327
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1018327

reference_url	http://www.vupen.com/english/advisories/2007/2383
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/2383

reference_url	http://www.vupen.com/english/advisories/2007/3009
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/3009

reference_url	http://www.vupen.com/english/advisories/2007/4224
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/4224

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=246765
reference_id	246765
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=246765

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update11::::::
reference_id	cpe:2.3:a:oracle:jdk:1.5.0:update11::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update11::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:::::::*
reference_id	cpe:2.3:a:oracle:jdk:1.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-3503

reference_id

CVE-2007-3503

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2007-3503

reference_url	https://security.gentoo.org/glsa/200709-15
reference_id	GLSA-200709-15
reference_type
scores
url	https://security.gentoo.org/glsa/200709-15

reference_url	https://access.redhat.com/errata/RHSA-2007:0818
reference_id	RHSA-2007:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0818

reference_url	https://access.redhat.com/errata/RHSA-2007:0829
reference_id	RHSA-2007:0829
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0829

reference_url	https://access.redhat.com/errata/RHSA-2007:0956
reference_id	RHSA-2007:0956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0956

Weaknesses

cwe_id	79
name	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description	The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Exploits

Severity_range_score 4.3 - 4.3

Exploitability 0.5

Weighted_severity 3.9

Risk_score 1.9

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sxc2-qmst-kub2

Vulnerability Instance