Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-73nf-5amu-xkex
Summary
Multiple vulnerabilities were found in PHP, the worst of which
    leading to remote execution of arbitrary code.
Aliases
0
alias CVE-2010-3870
Fixed_packages
0
url pkg:ebuild/dev-lang/php@5.3.8
purl pkg:ebuild/dev-lang/php@5.3.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.3.8
Affected_packages
0
url pkg:rpm/redhat/php@4.3.9-3?arch=31
purl pkg:rpm/redhat/php@4.3.9-3?arch=31
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5cmr-smkx-cbha
1
vulnerability VCID-73nf-5amu-xkex
2
vulnerability VCID-f1qk-tx2z-dbhk
3
vulnerability VCID-n146-xs1x-6ugw
4
vulnerability VCID-nwah-hqg5-q7e2
5
vulnerability VCID-yk8n-vbt4-6ycr
6
vulnerability VCID-zj1e-4gxx-1qbd
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@4.3.9-3%3Farch=31
1
url pkg:rpm/redhat/php@5.1.6-27.el5_5?arch=3
purl pkg:rpm/redhat/php@5.1.6-27.el5_5?arch=3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5cmr-smkx-cbha
1
vulnerability VCID-73nf-5amu-xkex
2
vulnerability VCID-f1qk-tx2z-dbhk
3
vulnerability VCID-n146-xs1x-6ugw
4
vulnerability VCID-nwah-hqg5-q7e2
5
vulnerability VCID-yk8n-vbt4-6ycr
6
vulnerability VCID-zj1e-4gxx-1qbd
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-27.el5_5%3Farch=3
2
url pkg:rpm/redhat/php@5.3.2-6.el6_0?arch=1
purl pkg:rpm/redhat/php@5.3.2-6.el6_0?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-52gs-wtmz-t7cg
1
vulnerability VCID-73nf-5amu-xkex
2
vulnerability VCID-n146-xs1x-6ugw
3
vulnerability VCID-xzsz-j91v-skf6
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.3.2-6.el6_0%3Farch=1
References
0
reference_url http://bugs.php.net/bug.php?id=48230
reference_id
reference_type
scores
url http://bugs.php.net/bug.php?id=48230
1
reference_url http://bugs.php.net/bug.php?id=49687
reference_id
reference_type
scores
url http://bugs.php.net/bug.php?id=49687
2
reference_url http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html
4
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html
5
reference_url http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
6
reference_url http://marc.info/?l=bugtraq&m=133469208622507&w=2
reference_id
reference_type
scores
url http://marc.info/?l=bugtraq&m=133469208622507&w=2
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3870.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3870.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-3870
reference_id
reference_type
scores
0
value 0.00619
scoring_system epss
scoring_elements 0.70015
published_at 2026-04-21T12:55:00Z
1
value 0.00619
scoring_system epss
scoring_elements 0.69994
published_at 2026-04-12T12:55:00Z
2
value 0.00619
scoring_system epss
scoring_elements 0.69981
published_at 2026-04-13T12:55:00Z
3
value 0.00619
scoring_system epss
scoring_elements 0.70024
published_at 2026-04-16T12:55:00Z
4
value 0.00619
scoring_system epss
scoring_elements 0.70034
published_at 2026-04-18T12:55:00Z
5
value 0.0071
scoring_system epss
scoring_elements 0.72167
published_at 2026-04-01T12:55:00Z
6
value 0.0071
scoring_system epss
scoring_elements 0.72242
published_at 2026-04-11T12:55:00Z
7
value 0.0071
scoring_system epss
scoring_elements 0.72219
published_at 2026-04-09T12:55:00Z
8
value 0.0071
scoring_system epss
scoring_elements 0.72172
published_at 2026-04-02T12:55:00Z
9
value 0.0071
scoring_system epss
scoring_elements 0.72192
published_at 2026-04-04T12:55:00Z
10
value 0.0071
scoring_system epss
scoring_elements 0.7217
published_at 2026-04-07T12:55:00Z
11
value 0.0071
scoring_system epss
scoring_elements 0.72207
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-3870
9
reference_url http://secunia.com/advisories/42410
reference_id
reference_type
scores
url http://secunia.com/advisories/42410
10
reference_url http://secunia.com/advisories/42812
reference_id
reference_type
scores
url http://secunia.com/advisories/42812
11
reference_url http://sirdarckcat.blogspot.com/2009/10/couple-of-unicode-issues-on-php-and.html
reference_id
reference_type
scores
url http://sirdarckcat.blogspot.com/2009/10/couple-of-unicode-issues-on-php-and.html
12
reference_url http://support.apple.com/kb/HT4581
reference_id
reference_type
scores
url http://support.apple.com/kb/HT4581
13
reference_url http://svn.php.net/viewvc?view=revision&revision=304959
reference_id
reference_type
scores
url http://svn.php.net/viewvc?view=revision&revision=304959
14
reference_url http://us2.php.net/manual/en/function.utf8-decode.php#83935
reference_id
reference_type
scores
url http://us2.php.net/manual/en/function.utf8-decode.php#83935
15
reference_url http://www.acunetix.com/blog/web-security-articles/security-risks-associated-with-utf8_decode/
reference_id
reference_type
scores
url http://www.acunetix.com/blog/web-security-articles/security-risks-associated-with-utf8_decode/
16
reference_url http://www.blackhat.com/presentations/bh-usa-09/VELANAVA/BHUSA09-VelaNava-FavoriteXSS-SLIDES.pdf
reference_id
reference_type
scores
url http://www.blackhat.com/presentations/bh-usa-09/VELANAVA/BHUSA09-VelaNava-FavoriteXSS-SLIDES.pdf
17
reference_url http://www.mandriva.com/en/security/advisories?name=MDVSA-2010:224
reference_id
reference_type
scores
url http://www.mandriva.com/en/security/advisories?name=MDVSA-2010:224
18
reference_url http://www.openwall.com/lists/oss-security/2010/11/02/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2010/11/02/1
19
reference_url http://www.openwall.com/lists/oss-security/2010/11/02/11
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2010/11/02/11
20
reference_url http://www.openwall.com/lists/oss-security/2010/11/02/2
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2010/11/02/2
21
reference_url http://www.openwall.com/lists/oss-security/2010/11/02/4
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2010/11/02/4
22
reference_url http://www.openwall.com/lists/oss-security/2010/11/02/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2010/11/02/6
23
reference_url http://www.openwall.com/lists/oss-security/2010/11/02/8
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2010/11/02/8
24
reference_url http://www.openwall.com/lists/oss-security/2010/11/03/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2010/11/03/1
25
reference_url http://www.php.net/ChangeLog-5.php
reference_id
reference_type
scores
url http://www.php.net/ChangeLog-5.php
26
reference_url http://www.redhat.com/support/errata/RHSA-2010-0919.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2010-0919.html
27
reference_url http://www.redhat.com/support/errata/RHSA-2011-0195.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2011-0195.html
28
reference_url http://www.securityfocus.com/bid/44605
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/44605
29
reference_url http://www.securitytracker.com/id?1024797
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1024797
30
reference_url http://www.ubuntu.com/usn/USN-1042-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1042-1
31
reference_url http://www.vupen.com/english/advisories/2010/3081
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/3081
32
reference_url http://www.vupen.com/english/advisories/2011/0020
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2011/0020
33
reference_url http://www.vupen.com/english/advisories/2011/0021
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2011/0021
34
reference_url http://www.vupen.com/english/advisories/2011/0077
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2011/0077
35
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=649056
reference_id 649056
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=649056
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-3870
reference_id CVE-2010-3870
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2010-3870
43
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/34950.php
reference_id CVE-2010-3870;OSVDB-69230
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/34950.php
44
reference_url https://www.securityfocus.com/bid/44605/info
reference_id CVE-2010-3870;OSVDB-69230
reference_type exploit
scores
url https://www.securityfocus.com/bid/44605/info
45
reference_url https://security.gentoo.org/glsa/201110-06
reference_id GLSA-201110-06
reference_type
scores
url https://security.gentoo.org/glsa/201110-06
46
reference_url https://access.redhat.com/errata/RHSA-2010:0919
reference_id RHSA-2010:0919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0919
47
reference_url https://access.redhat.com/errata/RHSA-2011:0195
reference_id RHSA-2011:0195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0195
48
reference_url https://usn.ubuntu.com/1042-1/
reference_id USN-1042-1
reference_type
scores
url https://usn.ubuntu.com/1042-1/
Weaknesses
0
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
1
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Exploits
0
date_added 2009-05-11
description PHP 5.3.2 - 'xml_utf8_decode()' UTF-8 Input Validation
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2009-05-11
exploit_type remote
platform php
source_date_updated 2014-10-13
data_source Exploit-DB
source_url https://www.securityfocus.com/bid/44605/info
Severity_range_score6.8 - 6.8
Exploitability2.0
Weighted_severity6.1
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-73nf-5amu-xkex