Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-4urv-z3q8-gfc3

Summary

PHP contains several vulnerabilities including buffer and integer overflows
    which could lead to the remote execution of arbitrary code.

Aliases

alias	CVE-2008-3660

Fixed_packages

url	pkg:ebuild/dev-lang/php@5.2.6-r6
purl	pkg:ebuild/dev-lang/php@5.2.6-r6
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.6-r6

Affected_packages

url pkg:rpm/redhat/php@4.3.2-51?arch=ent

purl pkg:rpm/redhat/php@4.3.2-51?arch=ent

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21m2-srah-5fcn

vulnerability	VCID-4urv-z3q8-gfc3

vulnerability	VCID-saq8-dj13-bfcy

vulnerability	VCID-suxh-3hb2-wbex

vulnerability	VCID-uvv4-prbj-eqf8

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@4.3.2-51%3Farch=ent

url pkg:rpm/redhat/php@4.3.9-3.22?arch=15

purl pkg:rpm/redhat/php@4.3.9-3.22?arch=15

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21m2-srah-5fcn

vulnerability	VCID-4urv-z3q8-gfc3

vulnerability	VCID-saq8-dj13-bfcy

vulnerability	VCID-suxh-3hb2-wbex

vulnerability	VCID-uvv4-prbj-eqf8

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@4.3.9-3.22%3Farch=15

url pkg:rpm/redhat/php@5.1.6-23.2?arch=el5_3

purl pkg:rpm/redhat/php@5.1.6-23.2?arch=el5_3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-21m2-srah-5fcn

vulnerability	VCID-4urv-z3q8-gfc3

vulnerability	VCID-pcdr-4fg2-s7ec

vulnerability	VCID-saq8-dj13-bfcy

vulnerability	VCID-suxh-3hb2-wbex

vulnerability	VCID-uvv4-prbj-eqf8

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-23.2%3Farch=el5_3

References

reference_url	http://bugs.gentoo.org/show_bug.cgi?id=234102
reference_id
reference_type
scores
url	http://bugs.gentoo.org/show_bug.cgi?id=234102

reference_url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html

reference_url	http://marc.info/?l=bugtraq&m=124654546101607&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=124654546101607&w=2

reference_url	http://marc.info/?l=bugtraq&m=125631037611762&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=125631037611762&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3660.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3660.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3660

reference_id

reference_type

scores

value	0.1412
scoring_system	epss
scoring_elements	0.94384
published_at	2026-04-21T12:55:00Z

value	0.1412
scoring_system	epss
scoring_elements	0.94377
published_at	2026-04-16T12:55:00Z

value	0.1412
scoring_system	epss
scoring_elements	0.94382
published_at	2026-04-18T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94745
published_at	2026-04-07T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94754
published_at	2026-04-08T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94731
published_at	2026-04-01T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94762
published_at	2026-04-11T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94766
published_at	2026-04-13T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94758
published_at	2026-04-09T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.9474
published_at	2026-04-02T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94744
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3660

reference_url	http://secunia.com/advisories/31982
reference_id
reference_type
scores
url	http://secunia.com/advisories/31982

reference_url	http://secunia.com/advisories/32148
reference_id
reference_type
scores
url	http://secunia.com/advisories/32148

reference_url	http://secunia.com/advisories/32746
reference_id
reference_type
scores
url	http://secunia.com/advisories/32746

reference_url	http://secunia.com/advisories/35074
reference_id
reference_type
scores
url	http://secunia.com/advisories/35074

reference_url	http://secunia.com/advisories/35306
reference_id
reference_type
scores
url	http://secunia.com/advisories/35306

reference_url	http://secunia.com/advisories/35650
reference_id
reference_type
scores
url	http://secunia.com/advisories/35650

reference_url	http://security.gentoo.org/glsa/glsa-200811-05.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200811-05.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44402
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44402

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9597
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9597

reference_url	http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3549

reference_url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html

reference_url	http://wiki.rpath.com/Advisories:rPSA-2009-0035
reference_id
reference_type
scores
url	http://wiki.rpath.com/Advisories:rPSA-2009-0035

reference_url	http://www.debian.org/security/2008/dsa-1647
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1647

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:021
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:021

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:022
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:022

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:023
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:023

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:024
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:024

reference_url	http://www.openwall.com/lists/oss-security/2008/08/08/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/08/08/2

reference_url	http://www.openwall.com/lists/oss-security/2008/08/13/8
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/08/13/8

reference_url	http://www.redhat.com/support/errata/RHSA-2009-0350.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2009-0350.html

reference_url	http://www.securityfocus.com/archive/1/501376/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/501376/100/0/threaded

reference_url	http://www.securitytracker.com/id?1020994
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020994

reference_url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html

reference_url	http://www.vupen.com/english/advisories/2008/2336
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2336

reference_url	http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/1297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=459572
reference_id	459572
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=459572

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:::::::*
reference_id	cpe:2.3:a:php:php:4.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:::::::*
reference_id	cpe:2.3:a:php:php:4.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:::::::*
reference_id	cpe:2.3:a:php:php:4.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:::::::*
reference_id	cpe:2.3:a:php:php:4.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:::::::*
reference_id	cpe:2.3:a:php:php:4.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:::::::*
reference_id	cpe:2.3:a:php:php:4.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:::::::*
reference_id	cpe:2.3:a:php:php:4.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:::::::*
reference_id	cpe:2.3:a:php:php:4.4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:::::::*
reference_id	cpe:2.3:a:php:php:4.4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:::::::*
reference_id	cpe:2.3:a:php:php:5.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:::::::*
reference_id	cpe:2.3:a:php:php:5.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:::::::*
reference_id	cpe:2.3:a:php:php:5.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:::::::*
reference_id	cpe:2.3:a:php:php:5.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:::::::*
reference_id	cpe:2.3:a:php:php:5.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:::::::*
reference_id	cpe:2.3:a:php:php:5.2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:::::::*
reference_id	cpe:2.3:a:php:php:5.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-3660

reference_id

CVE-2008-3660

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-3660

reference_url	https://security.gentoo.org/glsa/200811-05
reference_id	GLSA-200811-05
reference_type
scores
url	https://security.gentoo.org/glsa/200811-05

reference_url	https://access.redhat.com/errata/RHSA-2009:0337
reference_id	RHSA-2009:0337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0337

reference_url	https://access.redhat.com/errata/RHSA-2009:0338
reference_id	RHSA-2009:0338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0338

reference_url	https://usn.ubuntu.com/720-1/
reference_id	USN-720-1
reference_type
scores
url	https://usn.ubuntu.com/720-1/

Weaknesses

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Exploits

Severity_range_score 5.0 - 5.0

Exploitability 0.5

Weighted_severity 4.5

Risk_score 2.2

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4urv-z3q8-gfc3

Vulnerability Instance