Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-yc7j-b5gb-jqe5

Summary

Multiple vulnerabilities have been identified, the worst of which allow
    arbitrary code execution on a user's system via a malicious Flash file.

Aliases

alias	CVE-2008-5362

Fixed_packages

url	pkg:ebuild/www-plugins/adobe-flash@10.0.22.87
purl	pkg:ebuild/www-plugins/adobe-flash@10.0.22.87
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-plugins/adobe-flash@10.0.22.87

Affected_packages

url pkg:rpm/redhat/flash-plugin@9.0.151.0-1?arch=el4

purl pkg:rpm/redhat/flash-plugin@9.0.151.0-1?arch=el4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zpq-gs32-ubg6

vulnerability	VCID-2b8m-zcvw-sfa8

vulnerability	VCID-51dm-n7tt-5qe5

vulnerability	VCID-6rcd-pqxw-dbhk

vulnerability	VCID-avg5-yvm3-5qar

vulnerability	VCID-h93k-zzy5-euhq

vulnerability	VCID-j7bq-mz97-k7e3

vulnerability	VCID-jqxw-6npu-ykd1

vulnerability	VCID-jxu2-azw2-bbfs

vulnerability	VCID-ktjz-rbrw-nyhm

vulnerability	VCID-uh21-ps74-wyaq

vulnerability	VCID-ujwj-eby4-xfg4

vulnerability	VCID-yc7j-b5gb-jqe5

vulnerability	VCID-yzky-wqbj-2bh4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@9.0.151.0-1%3Farch=el4

url pkg:rpm/redhat/flash-plugin@9.0.151.0-1.el3.with?arch=oss

purl pkg:rpm/redhat/flash-plugin@9.0.151.0-1.el3.with?arch=oss

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zpq-gs32-ubg6

vulnerability	VCID-2b8m-zcvw-sfa8

vulnerability	VCID-51dm-n7tt-5qe5

vulnerability	VCID-6rcd-pqxw-dbhk

vulnerability	VCID-avg5-yvm3-5qar

vulnerability	VCID-h93k-zzy5-euhq

vulnerability	VCID-j7bq-mz97-k7e3

vulnerability	VCID-jqxw-6npu-ykd1

vulnerability	VCID-jxu2-azw2-bbfs

vulnerability	VCID-ktjz-rbrw-nyhm

vulnerability	VCID-uh21-ps74-wyaq

vulnerability	VCID-ujwj-eby4-xfg4

vulnerability	VCID-yc7j-b5gb-jqe5

vulnerability	VCID-yzky-wqbj-2bh4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@9.0.151.0-1.el3.with%3Farch=oss

url pkg:rpm/redhat/flash-plugin@10.0.12.36-2?arch=el5

purl pkg:rpm/redhat/flash-plugin@10.0.12.36-2?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1zpq-gs32-ubg6

vulnerability	VCID-2b8m-zcvw-sfa8

vulnerability	VCID-51dm-n7tt-5qe5

vulnerability	VCID-6rcd-pqxw-dbhk

vulnerability	VCID-avg5-yvm3-5qar

vulnerability	VCID-h93k-zzy5-euhq

vulnerability	VCID-j7bq-mz97-k7e3

vulnerability	VCID-jqxw-6npu-ykd1

vulnerability	VCID-jxu2-azw2-bbfs

vulnerability	VCID-ktjz-rbrw-nyhm

vulnerability	VCID-uh21-ps74-wyaq

vulnerability	VCID-ujwj-eby4-xfg4

vulnerability	VCID-yc7j-b5gb-jqe5

vulnerability	VCID-yzky-wqbj-2bh4

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@10.0.12.36-2%3Farch=el5

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5362.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5362.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-5362

reference_id

reference_type

scores

value	0.03068
scoring_system	epss
scoring_elements	0.86763
published_at	2026-04-18T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86681
published_at	2026-04-01T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86692
published_at	2026-04-02T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86711
published_at	2026-04-07T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.8673
published_at	2026-04-08T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86739
published_at	2026-04-09T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86753
published_at	2026-04-11T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.8675
published_at	2026-04-12T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86743
published_at	2026-04-13T12:55:00Z

value	0.03068
scoring_system	epss
scoring_elements	0.86757
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5362

reference_url	http://secunia.com/advisories/33390
reference_id
reference_type
scores
url	http://secunia.com/advisories/33390

reference_url	http://secunia.com/advisories/34226
reference_id
reference_type
scores
url	http://secunia.com/advisories/34226

reference_url	http://security.gentoo.org/glsa/glsa-200903-23.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200903-23.xml

reference_url	http://securityreason.com/securityalert/4692
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/4692

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm

reference_url	http://www.adobe.com/support/security/bulletins/apsb08-22.html
reference_id
reference_type
scores
url	http://www.adobe.com/support/security/bulletins/apsb08-22.html

reference_url	http://www.isecpartners.com/advisories/2008-01-flash.txt
reference_id
reference_type
scores
url	http://www.isecpartners.com/advisories/2008-01-flash.txt

reference_url	http://www.securityfocus.com/archive/1/498561/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/498561/100/0/threaded

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1618338
reference_id	1618338
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1618338

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:adobe:air::::::::
reference_id	cpe:2.3:a:adobe:air::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:adobe:air::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:adobe:flash_player::::::::
reference_id	cpe:2.3:a:adobe:flash_player::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:adobe:flash_player::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-5362

reference_id

CVE-2008-5362

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2008-5362

reference_url	https://security.gentoo.org/glsa/200903-23
reference_id	GLSA-200903-23
reference_type
scores
url	https://security.gentoo.org/glsa/200903-23

reference_url	https://access.redhat.com/errata/RHSA-2008:0945
reference_id	RHSA-2008:0945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0945

reference_url	https://access.redhat.com/errata/RHSA-2008:0980
reference_id	RHSA-2008:0980
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0980

Weaknesses

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Exploits

Severity_range_score 4.3 - 4.3

Exploitability 0.5

Weighted_severity 3.9

Risk_score 1.9

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yc7j-b5gb-jqe5

Vulnerability Instance