Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-age2-x97h-m3bk
Summary
Multiple vulnerabilities were found in PHP, the worst of which lead
    to remote execution of arbitrary code.
Aliases
0
alias CVE-2011-4885
Fixed_packages
0
url pkg:ebuild/dev-lang/php@5.3.15
purl pkg:ebuild/dev-lang/php@5.3.15
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.3.15
1
url pkg:ebuild/dev-lang/php@5.4.5
purl pkg:ebuild/dev-lang/php@5.4.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.4.5
Affected_packages
0
url pkg:rpm/redhat/php@4.3.9-3?arch=35
purl pkg:rpm/redhat/php@4.3.9-3?arch=35
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1eet-wef5-g3cs
1
vulnerability VCID-7a8a-m5gv-3qa8
2
vulnerability VCID-age2-x97h-m3bk
3
vulnerability VCID-bk6m-d1rn-1fb4
4
vulnerability VCID-ytg7-b7vh-1ubw
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@4.3.9-3%3Farch=35
1
url pkg:rpm/redhat/php@5.1.6-27.el5_7?arch=4
purl pkg:rpm/redhat/php@5.1.6-27.el5_7?arch=4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1eet-wef5-g3cs
1
vulnerability VCID-7a8a-m5gv-3qa8
2
vulnerability VCID-age2-x97h-m3bk
3
vulnerability VCID-bk6m-d1rn-1fb4
4
vulnerability VCID-rp7p-9ye2-7khn
5
vulnerability VCID-szuu-c3gb-23cs
6
vulnerability VCID-ytg7-b7vh-1ubw
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-27.el5_7%3Farch=4
2
url pkg:rpm/redhat/php@5.3.3-3.el6_2?arch=5
purl pkg:rpm/redhat/php@5.3.3-3.el6_2?arch=5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-age2-x97h-m3bk
1
vulnerability VCID-ytg7-b7vh-1ubw
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.3.3-3.el6_2%3Farch=5
3
url pkg:rpm/redhat/php53@5.3.3-1.el5_7?arch=5
purl pkg:rpm/redhat/php53@5.3.3-1.el5_7?arch=5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-age2-x97h-m3bk
1
vulnerability VCID-ytg7-b7vh-1ubw
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php53@5.3.3-1.el5_7%3Farch=5
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4885.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4885.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4885
reference_id
reference_type
scores
0
value 0.86573
scoring_system epss
scoring_elements 0.99411
published_at 2026-04-02T12:55:00Z
1
value 0.86573
scoring_system epss
scoring_elements 0.99413
published_at 2026-04-07T12:55:00Z
2
value 0.86573
scoring_system epss
scoring_elements 0.99414
published_at 2026-04-08T12:55:00Z
3
value 0.86573
scoring_system epss
scoring_elements 0.99415
published_at 2026-04-09T12:55:00Z
4
value 0.86573
scoring_system epss
scoring_elements 0.99416
published_at 2026-04-11T12:55:00Z
5
value 0.86573
scoring_system epss
scoring_elements 0.99417
published_at 2026-04-12T12:55:00Z
6
value 0.86573
scoring_system epss
scoring_elements 0.99418
published_at 2026-04-13T12:55:00Z
7
value 0.86573
scoring_system epss
scoring_elements 0.99421
published_at 2026-04-16T12:55:00Z
8
value 0.86573
scoring_system epss
scoring_elements 0.9942
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4885
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=750547
reference_id 750547
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=750547
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/18296.txt
reference_id CVE-2011-4885;OSVDB-78115
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/18296.txt
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/18305.py
reference_id CVE-2011-4885;OSVDB-78115
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/18305.py
5
reference_url https://security.gentoo.org/glsa/201209-03
reference_id GLSA-201209-03
reference_type
scores
url https://security.gentoo.org/glsa/201209-03
6
reference_url https://access.redhat.com/errata/RHSA-2012:0019
reference_id RHSA-2012:0019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0019
7
reference_url https://access.redhat.com/errata/RHSA-2012:0033
reference_id RHSA-2012:0033
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0033
8
reference_url https://access.redhat.com/errata/RHSA-2012:0071
reference_id RHSA-2012:0071
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0071
9
reference_url https://usn.ubuntu.com/1358-1/
reference_id USN-1358-1
reference_type
scores
url https://usn.ubuntu.com/1358-1/
Weaknesses
Exploits
0
date_added null
description 
This module uses a denial-of-service (DoS) condition appearing in a variety of
          programming languages. This vulnerability occurs when storing multiple values
          in a hash table and all values have the same hash value. This can cause a web server
          parsing the POST parameters issued with a request into a hash table to consume
          hours of CPU with a single HTTP request.

          Currently, only the hash functions for PHP and Java are implemented.
          This module was tested with PHP + httpd, Tomcat, Glassfish and Geronimo.
          It also generates a random payload to bypass some IDS signatures.
required_action null
due_date null
notes 
Stability:
  - crash-service-down
SideEffects: []
Reliability: []
known_ransomware_campaign_use false
source_date_published 2011-12-28
exploit_type null
platform
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/dos/http/hashcollision_dos.rb
1
date_added 2006-07-14
description MyBulletinBoard (MyBB) 1.1.5 - 'CLIENT-IP' SQL Injection
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2006-07-15
exploit_type webapps
platform php
source_date_updated 2016-11-09
data_source Exploit-DB
source_url
Severity_range_scorenull
Exploitability2.0
Weighted_severity0.8
Risk_score1.6
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-age2-x97h-m3bk