Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-2ym1-hzpb-67bp
Summary
Multiple vulnerabilities in lighttpd may lead to information disclosure or
    a Denial of Service.
Aliases
0
alias CVE-2008-4359
Fixed_packages
0
url pkg:deb/debian/lighttpd@1.4.19-5?distro=trixie
purl pkg:deb/debian/lighttpd@1.4.19-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%3Fdistro=trixie
1
url pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3
purl pkg:deb/debian/lighttpd@1.4.19-5%2Blenny3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-392a-57u1-mqcx
1
vulnerability VCID-3mv4-zscp-uke6
2
vulnerability VCID-4252-bxgf-pqgq
3
vulnerability VCID-4mqa-bkha-kbaj
4
vulnerability VCID-7t19-jqkx-83du
5
vulnerability VCID-8sn2-9v3z-5qd8
6
vulnerability VCID-dj2j-yr1r-myej
7
vulnerability VCID-dnxd-x42g-2qcu
8
vulnerability VCID-e1yx-dxa6-1bba
9
vulnerability VCID-ebx8-yzbr-57ew
10
vulnerability VCID-eetd-2zwu-fud5
11
vulnerability VCID-ewrp-7up7-9qf3
12
vulnerability VCID-gt7s-kr68-5fer
13
vulnerability VCID-jau7-gfz8-dkfa
14
vulnerability VCID-ma83-g8ra-47bd
15
vulnerability VCID-muqu-fzs6-jqbd
16
vulnerability VCID-nabb-9r87-mbhw
17
vulnerability VCID-r76c-k624-v7fe
18
vulnerability VCID-rz5g-r2e9-9kgw
19
vulnerability VCID-uk6q-31q8-qqf9
20
vulnerability VCID-wfbv-rpt2-9bcs
21
vulnerability VCID-xap5-djda-2uem
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.19-5%252Blenny3
2
url pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/lighttpd@1.4.59-1%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.59-1%252Bdeb11u2%3Fdistro=trixie
3
url pkg:deb/debian/lighttpd@1.4.69-1?distro=trixie
purl pkg:deb/debian/lighttpd@1.4.69-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.69-1%3Fdistro=trixie
4
url pkg:deb/debian/lighttpd@1.4.79-2?distro=trixie
purl pkg:deb/debian/lighttpd@1.4.79-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.79-2%3Fdistro=trixie
5
url pkg:deb/debian/lighttpd@1.4.82-2?distro=trixie
purl pkg:deb/debian/lighttpd@1.4.82-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.82-2%3Fdistro=trixie
6
url pkg:ebuild/www-servers/lighttpd@1.4.20
purl pkg:ebuild/www-servers/lighttpd@1.4.20
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/lighttpd@1.4.20
Affected_packages
0
url pkg:deb/debian/lighttpd@1.4.13-4
purl pkg:deb/debian/lighttpd@1.4.13-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17xt-wfmb-6ba3
1
vulnerability VCID-2ym1-hzpb-67bp
2
vulnerability VCID-392a-57u1-mqcx
3
vulnerability VCID-3mv4-zscp-uke6
4
vulnerability VCID-4252-bxgf-pqgq
5
vulnerability VCID-483h-5atk-dfgs
6
vulnerability VCID-4mqa-bkha-kbaj
7
vulnerability VCID-7t19-jqkx-83du
8
vulnerability VCID-8sn2-9v3z-5qd8
9
vulnerability VCID-a11f-ydyr-6bcd
10
vulnerability VCID-bzf1-xw3k-qud7
11
vulnerability VCID-d983-1g2v-h7e9
12
vulnerability VCID-dj2j-yr1r-myej
13
vulnerability VCID-dnxd-x42g-2qcu
14
vulnerability VCID-e1yx-dxa6-1bba
15
vulnerability VCID-ebx8-yzbr-57ew
16
vulnerability VCID-eetd-2zwu-fud5
17
vulnerability VCID-ewrp-7up7-9qf3
18
vulnerability VCID-gt7s-kr68-5fer
19
vulnerability VCID-h1bj-mx6t-6kav
20
vulnerability VCID-hc9c-1c4k-wqh1
21
vulnerability VCID-j8ey-bqzd-hqce
22
vulnerability VCID-jau7-gfz8-dkfa
23
vulnerability VCID-ma83-g8ra-47bd
24
vulnerability VCID-mmey-1ydv-nfha
25
vulnerability VCID-muqu-fzs6-jqbd
26
vulnerability VCID-nabb-9r87-mbhw
27
vulnerability VCID-ntx6-vp4b-nbdk
28
vulnerability VCID-r76c-k624-v7fe
29
vulnerability VCID-rjf6-heyy-5kce
30
vulnerability VCID-rjpt-cjmu-43fu
31
vulnerability VCID-rz5g-r2e9-9kgw
32
vulnerability VCID-uk6q-31q8-qqf9
33
vulnerability VCID-wfbv-rpt2-9bcs
34
vulnerability VCID-xap5-djda-2uem
35
vulnerability VCID-xejg-te5s-wfax
36
vulnerability VCID-z3wv-cgxn-cyfs
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.13-4
1
url pkg:deb/debian/lighttpd@1.4.13-4etch12
purl pkg:deb/debian/lighttpd@1.4.13-4etch12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17xt-wfmb-6ba3
1
vulnerability VCID-2ym1-hzpb-67bp
2
vulnerability VCID-392a-57u1-mqcx
3
vulnerability VCID-3mv4-zscp-uke6
4
vulnerability VCID-4252-bxgf-pqgq
5
vulnerability VCID-483h-5atk-dfgs
6
vulnerability VCID-4mqa-bkha-kbaj
7
vulnerability VCID-7t19-jqkx-83du
8
vulnerability VCID-8sn2-9v3z-5qd8
9
vulnerability VCID-a11f-ydyr-6bcd
10
vulnerability VCID-bzf1-xw3k-qud7
11
vulnerability VCID-d983-1g2v-h7e9
12
vulnerability VCID-dj2j-yr1r-myej
13
vulnerability VCID-dnxd-x42g-2qcu
14
vulnerability VCID-e1yx-dxa6-1bba
15
vulnerability VCID-ebx8-yzbr-57ew
16
vulnerability VCID-eetd-2zwu-fud5
17
vulnerability VCID-ewrp-7up7-9qf3
18
vulnerability VCID-gt7s-kr68-5fer
19
vulnerability VCID-h1bj-mx6t-6kav
20
vulnerability VCID-hc9c-1c4k-wqh1
21
vulnerability VCID-j8ey-bqzd-hqce
22
vulnerability VCID-jau7-gfz8-dkfa
23
vulnerability VCID-ma83-g8ra-47bd
24
vulnerability VCID-mmey-1ydv-nfha
25
vulnerability VCID-muqu-fzs6-jqbd
26
vulnerability VCID-nabb-9r87-mbhw
27
vulnerability VCID-ntx6-vp4b-nbdk
28
vulnerability VCID-r76c-k624-v7fe
29
vulnerability VCID-rjf6-heyy-5kce
30
vulnerability VCID-rjpt-cjmu-43fu
31
vulnerability VCID-rz5g-r2e9-9kgw
32
vulnerability VCID-uk6q-31q8-qqf9
33
vulnerability VCID-wfbv-rpt2-9bcs
34
vulnerability VCID-xap5-djda-2uem
35
vulnerability VCID-xejg-te5s-wfax
36
vulnerability VCID-z3wv-cgxn-cyfs
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lighttpd@1.4.13-4etch12
References
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
1
reference_url http://openwall.com/lists/oss-security/2008/09/30/1
reference_id
reference_type
scores
url http://openwall.com/lists/oss-security/2008/09/30/1
2
reference_url http://openwall.com/lists/oss-security/2008/09/30/2
reference_id
reference_type
scores
url http://openwall.com/lists/oss-security/2008/09/30/2
3
reference_url http://openwall.com/lists/oss-security/2008/09/30/3
reference_id
reference_type
scores
url http://openwall.com/lists/oss-security/2008/09/30/3
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4359.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4359.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-4359
reference_id
reference_type
scores
0
value 0.00462
scoring_system epss
scoring_elements 0.64182
published_at 2026-04-13T12:55:00Z
1
value 0.00462
scoring_system epss
scoring_elements 0.64097
published_at 2026-04-01T12:55:00Z
2
value 0.00462
scoring_system epss
scoring_elements 0.64154
published_at 2026-04-02T12:55:00Z
3
value 0.00462
scoring_system epss
scoring_elements 0.64181
published_at 2026-04-04T12:55:00Z
4
value 0.00462
scoring_system epss
scoring_elements 0.64141
published_at 2026-04-07T12:55:00Z
5
value 0.00462
scoring_system epss
scoring_elements 0.64192
published_at 2026-04-08T12:55:00Z
6
value 0.00462
scoring_system epss
scoring_elements 0.64208
published_at 2026-04-09T12:55:00Z
7
value 0.00462
scoring_system epss
scoring_elements 0.64222
published_at 2026-04-11T12:55:00Z
8
value 0.00462
scoring_system epss
scoring_elements 0.6421
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-4359
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4359
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4359
7
reference_url http://secunia.com/advisories/32069
reference_id
reference_type
scores
url http://secunia.com/advisories/32069
8
reference_url http://secunia.com/advisories/32132
reference_id
reference_type
scores
url http://secunia.com/advisories/32132
9
reference_url http://secunia.com/advisories/32480
reference_id
reference_type
scores
url http://secunia.com/advisories/32480
10
reference_url http://secunia.com/advisories/32834
reference_id
reference_type
scores
url http://secunia.com/advisories/32834
11
reference_url http://secunia.com/advisories/32972
reference_id
reference_type
scores
url http://secunia.com/advisories/32972
12
reference_url http://security.gentoo.org/glsa/glsa-200812-04.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-200812-04.xml
13
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/45690
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/45690
14
reference_url http://trac.lighttpd.net/trac/changeset/2278
reference_id
reference_type
scores
url http://trac.lighttpd.net/trac/changeset/2278
15
reference_url http://trac.lighttpd.net/trac/changeset/2307
reference_id
reference_type
scores
url http://trac.lighttpd.net/trac/changeset/2307
16
reference_url http://trac.lighttpd.net/trac/changeset/2309
reference_id
reference_type
scores
url http://trac.lighttpd.net/trac/changeset/2309
17
reference_url http://trac.lighttpd.net/trac/changeset/2310
reference_id
reference_type
scores
url http://trac.lighttpd.net/trac/changeset/2310
18
reference_url http://trac.lighttpd.net/trac/ticket/1720
reference_id
reference_type
scores
url http://trac.lighttpd.net/trac/ticket/1720
19
reference_url http://wiki.rpath.com/Advisories:rPSA-2008-0309
reference_id
reference_type
scores
url http://wiki.rpath.com/Advisories:rPSA-2008-0309
20
reference_url http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309
reference_id
reference_type
scores
url http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309
21
reference_url http://www.debian.org/security/2008/dsa-1645
reference_id
reference_type
scores
url http://www.debian.org/security/2008/dsa-1645
22
reference_url http://www.lighttpd.net/security/lighttpd-1.4.x_rewrite_redirect_decode_url.patch
reference_id
reference_type
scores
url http://www.lighttpd.net/security/lighttpd-1.4.x_rewrite_redirect_decode_url.patch
23
reference_url http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt
reference_id
reference_type
scores
url http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt
24
reference_url http://www.securityfocus.com/archive/1/497932/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/497932/100/0/threaded
25
reference_url http://www.securityfocus.com/bid/31599
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/31599
26
reference_url http://www.vupen.com/english/advisories/2008/2741
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/2741
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=465751
reference_id 465751
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=465751
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-4359
reference_id CVE-2008-4359
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2008-4359
31
reference_url https://security.gentoo.org/glsa/200812-04
reference_id GLSA-200812-04
reference_type
scores
url https://security.gentoo.org/glsa/200812-04
Weaknesses
0
cwe_id 200
name Exposure of Sensitive Information to an Unauthorized Actor
description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Exploits
Severity_range_score7.5 - 7.5
Exploitability0.5
Weighted_severity6.8
Risk_score3.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-2ym1-hzpb-67bp