Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-uvv4-prbj-eqf8
Summary
Multiple vulnerabilities were found in PHP, the worst of which leading to
    the remote execution of arbitrary code.
Aliases
0
alias CVE-2009-0754
Fixed_packages
0
url pkg:ebuild/dev-lang/php@5.2.12
purl pkg:ebuild/dev-lang/php@5.2.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.12
Affected_packages
0
url pkg:rpm/redhat/php@4.3.2-51?arch=ent
purl pkg:rpm/redhat/php@4.3.2-51?arch=ent
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-21m2-srah-5fcn
1
vulnerability VCID-4urv-z3q8-gfc3
2
vulnerability VCID-saq8-dj13-bfcy
3
vulnerability VCID-suxh-3hb2-wbex
4
vulnerability VCID-uvv4-prbj-eqf8
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@4.3.2-51%3Farch=ent
1
url pkg:rpm/redhat/php@4.3.9-3.22?arch=15
purl pkg:rpm/redhat/php@4.3.9-3.22?arch=15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-21m2-srah-5fcn
1
vulnerability VCID-4urv-z3q8-gfc3
2
vulnerability VCID-saq8-dj13-bfcy
3
vulnerability VCID-suxh-3hb2-wbex
4
vulnerability VCID-uvv4-prbj-eqf8
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@4.3.9-3.22%3Farch=15
2
url pkg:rpm/redhat/php@5.1.6-23.2?arch=el5_3
purl pkg:rpm/redhat/php@5.1.6-23.2?arch=el5_3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-21m2-srah-5fcn
1
vulnerability VCID-4urv-z3q8-gfc3
2
vulnerability VCID-pcdr-4fg2-s7ec
3
vulnerability VCID-saq8-dj13-bfcy
4
vulnerability VCID-suxh-3hb2-wbex
5
vulnerability VCID-uvv4-prbj-eqf8
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-23.2%3Farch=el5_3
References
0
reference_url http://bugs.php.net/bug.php?id=27421
reference_id
reference_type
scores
url http://bugs.php.net/bug.php?id=27421
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0754.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0754.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0754
reference_id
reference_type
scores
0
value 0.00158
scoring_system epss
scoring_elements 0.36614
published_at 2026-04-18T12:55:00Z
1
value 0.00158
scoring_system epss
scoring_elements 0.36525
published_at 2026-04-01T12:55:00Z
2
value 0.00158
scoring_system epss
scoring_elements 0.36697
published_at 2026-04-02T12:55:00Z
3
value 0.00158
scoring_system epss
scoring_elements 0.36729
published_at 2026-04-04T12:55:00Z
4
value 0.00158
scoring_system epss
scoring_elements 0.36567
published_at 2026-04-07T12:55:00Z
5
value 0.00158
scoring_system epss
scoring_elements 0.36618
published_at 2026-04-08T12:55:00Z
6
value 0.00158
scoring_system epss
scoring_elements 0.36637
published_at 2026-04-09T12:55:00Z
7
value 0.00158
scoring_system epss
scoring_elements 0.36645
published_at 2026-04-11T12:55:00Z
8
value 0.00158
scoring_system epss
scoring_elements 0.3661
published_at 2026-04-12T12:55:00Z
9
value 0.00158
scoring_system epss
scoring_elements 0.36586
published_at 2026-04-13T12:55:00Z
10
value 0.00158
scoring_system epss
scoring_elements 0.36632
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0754
4
reference_url http://secunia.com/advisories/34642
reference_id
reference_type
scores
url http://secunia.com/advisories/34642
5
reference_url http://secunia.com/advisories/34830
reference_id
reference_type
scores
url http://secunia.com/advisories/34830
6
reference_url http://secunia.com/advisories/35003
reference_id
reference_type
scores
url http://secunia.com/advisories/35003
7
reference_url http://secunia.com/advisories/35007
reference_id
reference_type
scores
url http://secunia.com/advisories/35007
8
reference_url http://secunia.com/advisories/35306
reference_id
reference_type
scores
url http://secunia.com/advisories/35306
9
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11035
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11035
10
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html
reference_id
reference_type
scores
url https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html
11
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html
reference_id
reference_type
scores
url https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html
12
reference_url http://www.debian.org/security/2009/dsa-1789
reference_id
reference_type
scores
url http://www.debian.org/security/2009/dsa-1789
13
reference_url http://www.openwall.com/lists/oss-security/2009/01/30/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2009/01/30/1
14
reference_url http://www.openwall.com/lists/oss-security/2009/02/03/3
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2009/02/03/3
15
reference_url http://www.openwall.com/lists/oss-security/2009/02/25/3
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2009/02/25/3
16
reference_url http://www.redhat.com/support/errata/RHSA-2009-0350.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2009-0350.html
17
reference_url http://www.securitytracker.com/id?1021979
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1021979
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=479272
reference_id 479272
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=479272
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apache:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:apache:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apache:*:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-0754
reference_id CVE-2009-0754
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2009-0754
23
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/32769.php
reference_id CVE-2009-0754;OSVDB-53574
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/32769.php
24
reference_url https://www.securityfocus.com/bid/33542/info
reference_id CVE-2009-0754;OSVDB-53574
reference_type exploit
scores
url https://www.securityfocus.com/bid/33542/info
25
reference_url https://security.gentoo.org/glsa/201001-03
reference_id GLSA-201001-03
reference_type
scores
url https://security.gentoo.org/glsa/201001-03
26
reference_url https://access.redhat.com/errata/RHSA-2009:0337
reference_id RHSA-2009:0337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:0337
27
reference_url https://access.redhat.com/errata/RHSA-2009:0338
reference_id RHSA-2009:0338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:0338
28
reference_url https://usn.ubuntu.com/761-1/
reference_id USN-761-1
reference_type
scores
url https://usn.ubuntu.com/761-1/
Weaknesses
0
cwe_id 134
name Use of Externally-Controlled Format String
description The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
Exploits
0
date_added 2009-01-30
description PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial of Service
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2009-01-30
exploit_type dos
platform php
source_date_updated 2014-04-09
data_source Exploit-DB
source_url https://www.securityfocus.com/bid/33542/info
Severity_range_score2.1 - 2.1
Exploitability2.0
Weighted_severity1.9
Risk_score3.8
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-uvv4-prbj-eqf8