Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-2hbu-crsx-h7bx

Summary

Multiple vulnerabilities were found in MySQL, the worst of which
    may allow remote execution of arbitrary code.

Aliases

alias	CVE-2018-2703

Fixed_packages

url	pkg:ebuild/dev-db/mysql@5.6.39
purl	pkg:ebuild/dev-db/mysql@5.6.39
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-db/mysql@5.6.39

Affected_packages

url pkg:rpm/redhat/rh-mysql56-mysql@5.6.39-1.el6?arch=1

purl pkg:rpm/redhat/rh-mysql56-mysql@5.6.39-1.el6?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2e5v-p34z-43bp

vulnerability	VCID-2hbu-crsx-h7bx

vulnerability	VCID-39gt-6dgh-wyar

vulnerability	VCID-3jgj-ez7d-qbh5

vulnerability	VCID-3md2-cjc1-ckdw

vulnerability	VCID-5p65-gfsg-1ugq

vulnerability	VCID-5q89-vg9j-k3as

vulnerability	VCID-64st-u4xn-z7g3

vulnerability	VCID-7yc3-7bkr-jfc9

vulnerability	VCID-ffsn-shbc-xbbf

vulnerability	VCID-h5nh-kj53-ybgu

vulnerability	VCID-h7un-bdz8-8yfe

vulnerability	VCID-n695-ekft-fqfh

vulnerability	VCID-z2we-8dx7-3yg2

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mysql56-mysql@5.6.39-1.el6%3Farch=1

url pkg:rpm/redhat/rh-mysql56-mysql@5.6.39-1.el7?arch=1

purl pkg:rpm/redhat/rh-mysql56-mysql@5.6.39-1.el7?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2e5v-p34z-43bp

vulnerability	VCID-2hbu-crsx-h7bx

vulnerability	VCID-39gt-6dgh-wyar

vulnerability	VCID-3jgj-ez7d-qbh5

vulnerability	VCID-3md2-cjc1-ckdw

vulnerability	VCID-5p65-gfsg-1ugq

vulnerability	VCID-5q89-vg9j-k3as

vulnerability	VCID-64st-u4xn-z7g3

vulnerability	VCID-7yc3-7bkr-jfc9

vulnerability	VCID-ffsn-shbc-xbbf

vulnerability	VCID-h5nh-kj53-ybgu

vulnerability	VCID-h7un-bdz8-8yfe

vulnerability	VCID-n695-ekft-fqfh

vulnerability	VCID-z2we-8dx7-3yg2

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mysql56-mysql@5.6.39-1.el7%3Farch=1

url pkg:rpm/redhat/rh-mysql57-mysql@5.7.21-2.el6?arch=1

purl pkg:rpm/redhat/rh-mysql57-mysql@5.7.21-2.el6?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-135g-wyju-6bc8

vulnerability	VCID-2e5v-p34z-43bp

vulnerability	VCID-2hbu-crsx-h7bx

vulnerability	VCID-2xb6-rvbp-wkha

vulnerability	VCID-39gt-6dgh-wyar

vulnerability	VCID-3jgj-ez7d-qbh5

vulnerability	VCID-3md2-cjc1-ckdw

vulnerability	VCID-5q89-vg9j-k3as

vulnerability	VCID-64st-u4xn-z7g3

vulnerability	VCID-7yc3-7bkr-jfc9

vulnerability	VCID-cks1-7b8t-uyh5

vulnerability	VCID-ffsn-shbc-xbbf

vulnerability	VCID-h5nh-kj53-ybgu

vulnerability	VCID-h7un-bdz8-8yfe

vulnerability	VCID-k869-qwxp-5qhm

vulnerability	VCID-kmp3-g5e5-vqam

vulnerability	VCID-n695-ekft-fqfh

vulnerability	VCID-wr83-rkem-p7hq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mysql57-mysql@5.7.21-2.el6%3Farch=1

url pkg:rpm/redhat/rh-mysql57-mysql@5.7.21-2.el7?arch=1

purl pkg:rpm/redhat/rh-mysql57-mysql@5.7.21-2.el7?arch=1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-135g-wyju-6bc8

vulnerability	VCID-2e5v-p34z-43bp

vulnerability	VCID-2hbu-crsx-h7bx

vulnerability	VCID-2xb6-rvbp-wkha

vulnerability	VCID-39gt-6dgh-wyar

vulnerability	VCID-3jgj-ez7d-qbh5

vulnerability	VCID-3md2-cjc1-ckdw

vulnerability	VCID-5q89-vg9j-k3as

vulnerability	VCID-64st-u4xn-z7g3

vulnerability	VCID-7yc3-7bkr-jfc9

vulnerability	VCID-cks1-7b8t-uyh5

vulnerability	VCID-ffsn-shbc-xbbf

vulnerability	VCID-h5nh-kj53-ybgu

vulnerability	VCID-h7un-bdz8-8yfe

vulnerability	VCID-k869-qwxp-5qhm

vulnerability	VCID-kmp3-g5e5-vqam

vulnerability	VCID-n695-ekft-fqfh

vulnerability	VCID-wr83-rkem-p7hq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-mysql57-mysql@5.7.21-2.el7%3Farch=1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2703.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2703.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-2703

reference_id

reference_type

scores

value	0.01047
scoring_system	epss
scoring_elements	0.77535
published_at	2026-04-16T12:55:00Z

value	0.01047
scoring_system	epss
scoring_elements	0.77442
published_at	2026-04-01T12:55:00Z

value	0.01047
scoring_system	epss
scoring_elements	0.77448
published_at	2026-04-02T12:55:00Z

value	0.01047
scoring_system	epss
scoring_elements	0.77483
published_at	2026-04-08T12:55:00Z

value	0.01047
scoring_system	epss
scoring_elements	0.77493
published_at	2026-04-09T12:55:00Z

value	0.01047
scoring_system	epss
scoring_elements	0.77518
published_at	2026-04-11T12:55:00Z

value	0.01047
scoring_system	epss
scoring_elements	0.77499
published_at	2026-04-12T12:55:00Z

value	0.01047
scoring_system	epss
scoring_elements	0.77496
published_at	2026-04-13T12:55:00Z

value	0.01047
scoring_system	epss
scoring_elements	0.77473
published_at	2026-04-04T12:55:00Z

value	0.01047
scoring_system	epss
scoring_elements	0.77454
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-2703

reference_url

http://www.securityfocus.com/bid/102704

reference_id

102704

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:17Z/

url

http://www.securityfocus.com/bid/102704

reference_url

http://www.securitytracker.com/id/1040216

reference_id

1040216

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:17Z/

url

http://www.securitytracker.com/id/1040216

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1534139
reference_id	1534139
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1534139

reference_url	https://security.gentoo.org/glsa/201802-04
reference_id	GLSA-201802-04
reference_type
scores
url	https://security.gentoo.org/glsa/201802-04

reference_url

https://access.redhat.com/errata/RHSA-2018:0586

reference_id

RHSA-2018:0586

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:17Z/

url

https://access.redhat.com/errata/RHSA-2018:0586

reference_url

https://access.redhat.com/errata/RHSA-2018:0587

reference_id

RHSA-2018:0587

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:17Z/

url

https://access.redhat.com/errata/RHSA-2018:0587

reference_url

https://usn.ubuntu.com/3537-1/

reference_id

USN-3537-1

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:17Z/

url

https://usn.ubuntu.com/3537-1/

Weaknesses

cwe_id	770
name	Allocation of Resources Without Limits or Throttling
description	The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

Exploits

Severity_range_score 6.5 - 6.5

Exploitability 0.5

Weighted_severity 5.9

Risk_score 3.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2hbu-crsx-h7bx

Vulnerability Instance