Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-vmjh-9kbz-qkh6
Summarycups: Several XSS flaws in forms processed by CUPS web interface
Aliases
0
alias CVE-2009-2820
Fixed_packages
0
url pkg:deb/debian/cups@1.4.2-1?distro=trixie
purl pkg:deb/debian/cups@1.4.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups@1.4.2-1%3Fdistro=trixie
1
url pkg:deb/debian/cups@1.4.4-7%2Bsqueeze5
purl pkg:deb/debian/cups@1.4.4-7%2Bsqueeze5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2chf-23mc-d3dn
1
vulnerability VCID-35gf-189e-3ud4
2
vulnerability VCID-39f1-22a5-c7aw
3
vulnerability VCID-3ame-feez-yqhc
4
vulnerability VCID-3etj-2m21-ffa1
5
vulnerability VCID-44ju-8618-vqht
6
vulnerability VCID-48ht-j7ga-9ugq
7
vulnerability VCID-4bxg-5tnm-y3hw
8
vulnerability VCID-6mus-21kz-uuhz
9
vulnerability VCID-7wg4-sc9v-bffk
10
vulnerability VCID-843p-8xve-nfer
11
vulnerability VCID-993k-m3sq-gufu
12
vulnerability VCID-am36-6m5v-fkba
13
vulnerability VCID-anr5-gc12-e7dr
14
vulnerability VCID-apyh-1uza-pffa
15
vulnerability VCID-aznw-8yer-xfhf
16
vulnerability VCID-bzht-vhe3-y7bf
17
vulnerability VCID-cf81-58ju-bqaz
18
vulnerability VCID-ed99-uccv-d7bh
19
vulnerability VCID-ev9c-v5dv-37fb
20
vulnerability VCID-fby6-8f6z-63fw
21
vulnerability VCID-fkyp-m1p9-mfhy
22
vulnerability VCID-k4yw-jg6v-1bcc
23
vulnerability VCID-mcmb-bvw9-dba5
24
vulnerability VCID-mtzd-538p-kbhm
25
vulnerability VCID-p8gy-dd3u-uqh4
26
vulnerability VCID-pwkd-sgtt-1bef
27
vulnerability VCID-q8a8-fd7r-1kg7
28
vulnerability VCID-qxwq-vp9g-ukca
29
vulnerability VCID-ucmb-we3r-aqcd
30
vulnerability VCID-ukec-69r2-xbef
31
vulnerability VCID-vx54-r2dt-8ue5
32
vulnerability VCID-w17y-dvuq-7ba6
33
vulnerability VCID-wjht-u5u1-kkas
34
vulnerability VCID-wqu4-wys6-hfbb
35
vulnerability VCID-y7a9-2p1n-z7fx
36
vulnerability VCID-yyrd-qt22-w3f5
37
vulnerability VCID-zjj3-g2d7-c3gd
38
vulnerability VCID-zt43-htwu-kfde
39
vulnerability VCID-zxp7-6d69-tfhm
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups@1.4.4-7%252Bsqueeze5
2
url pkg:deb/debian/cups@2.3.3op2-3%2Bdeb11u8?distro=trixie
purl pkg:deb/debian/cups@2.3.3op2-3%2Bdeb11u8?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-63fa-a4pr-wqh3
1
vulnerability VCID-b1yf-xuc1-ykak
2
vulnerability VCID-dx89-e1nn-w7gz
3
vulnerability VCID-hc4t-becn-rkcc
4
vulnerability VCID-jy1y-e1nk-p3b4
5
vulnerability VCID-r1q4-2dq2-33ca
6
vulnerability VCID-ry9y-z4e4-yfdh
7
vulnerability VCID-vgtp-sjtt-73e9
8
vulnerability VCID-wr17-e776-bqh1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups@2.3.3op2-3%252Bdeb11u8%3Fdistro=trixie
3
url pkg:deb/debian/cups@2.4.2-3%2Bdeb12u9?distro=trixie
purl pkg:deb/debian/cups@2.4.2-3%2Bdeb12u9?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-63fa-a4pr-wqh3
1
vulnerability VCID-b1yf-xuc1-ykak
2
vulnerability VCID-dx89-e1nn-w7gz
3
vulnerability VCID-hc4t-becn-rkcc
4
vulnerability VCID-jy1y-e1nk-p3b4
5
vulnerability VCID-r1q4-2dq2-33ca
6
vulnerability VCID-ry9y-z4e4-yfdh
7
vulnerability VCID-vgtp-sjtt-73e9
8
vulnerability VCID-wr17-e776-bqh1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups@2.4.2-3%252Bdeb12u9%3Fdistro=trixie
4
url pkg:deb/debian/cups@2.4.10-3%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/cups@2.4.10-3%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-63fa-a4pr-wqh3
1
vulnerability VCID-b1yf-xuc1-ykak
2
vulnerability VCID-dx89-e1nn-w7gz
3
vulnerability VCID-hc4t-becn-rkcc
4
vulnerability VCID-jy1y-e1nk-p3b4
5
vulnerability VCID-r1q4-2dq2-33ca
6
vulnerability VCID-ry9y-z4e4-yfdh
7
vulnerability VCID-vgtp-sjtt-73e9
8
vulnerability VCID-wr17-e776-bqh1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups@2.4.10-3%252Bdeb13u2%3Fdistro=trixie
5
url pkg:deb/debian/cups@2.4.16-1?distro=trixie
purl pkg:deb/debian/cups@2.4.16-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-63fa-a4pr-wqh3
1
vulnerability VCID-b1yf-xuc1-ykak
2
vulnerability VCID-dx89-e1nn-w7gz
3
vulnerability VCID-hc4t-becn-rkcc
4
vulnerability VCID-r1q4-2dq2-33ca
5
vulnerability VCID-ry9y-z4e4-yfdh
6
vulnerability VCID-vgtp-sjtt-73e9
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups@2.4.16-1%3Fdistro=trixie
6
url pkg:deb/debian/cups@2.4.17-1?distro=trixie
purl pkg:deb/debian/cups@2.4.17-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups@2.4.17-1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/cups@1.3.8-1%2Blenny10
purl pkg:deb/debian/cups@1.3.8-1%2Blenny10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2chf-23mc-d3dn
1
vulnerability VCID-2weh-q66p-8bdg
2
vulnerability VCID-35gf-189e-3ud4
3
vulnerability VCID-39f1-22a5-c7aw
4
vulnerability VCID-3ame-feez-yqhc
5
vulnerability VCID-3etj-2m21-ffa1
6
vulnerability VCID-44ju-8618-vqht
7
vulnerability VCID-48ht-j7ga-9ugq
8
vulnerability VCID-4bxg-5tnm-y3hw
9
vulnerability VCID-4he8-q3nc-3bf7
10
vulnerability VCID-6mus-21kz-uuhz
11
vulnerability VCID-7gbc-682w-5fdq
12
vulnerability VCID-7wg4-sc9v-bffk
13
vulnerability VCID-843p-8xve-nfer
14
vulnerability VCID-8yv6-g189-vugt
15
vulnerability VCID-993k-m3sq-gufu
16
vulnerability VCID-am36-6m5v-fkba
17
vulnerability VCID-anr5-gc12-e7dr
18
vulnerability VCID-apyh-1uza-pffa
19
vulnerability VCID-aznw-8yer-xfhf
20
vulnerability VCID-bj8b-t1mc-zfd3
21
vulnerability VCID-bzht-vhe3-y7bf
22
vulnerability VCID-cf81-58ju-bqaz
23
vulnerability VCID-ed99-uccv-d7bh
24
vulnerability VCID-ev9c-v5dv-37fb
25
vulnerability VCID-fby6-8f6z-63fw
26
vulnerability VCID-fkyp-m1p9-mfhy
27
vulnerability VCID-fpbv-zqer-w7c3
28
vulnerability VCID-g2x8-pm39-sfer
29
vulnerability VCID-k4yw-jg6v-1bcc
30
vulnerability VCID-mcmb-bvw9-dba5
31
vulnerability VCID-mp2s-4x2a-h7fq
32
vulnerability VCID-mtwe-dgnd-c3fj
33
vulnerability VCID-mtzd-538p-kbhm
34
vulnerability VCID-p8gy-dd3u-uqh4
35
vulnerability VCID-pwkd-sgtt-1bef
36
vulnerability VCID-q8a8-fd7r-1kg7
37
vulnerability VCID-qjzr-avt1-fyfd
38
vulnerability VCID-qxwq-vp9g-ukca
39
vulnerability VCID-ucmb-we3r-aqcd
40
vulnerability VCID-ukec-69r2-xbef
41
vulnerability VCID-uqp7-5pb9-w7cg
42
vulnerability VCID-ur43-jbhj-k7bk
43
vulnerability VCID-vmjh-9kbz-qkh6
44
vulnerability VCID-vx54-r2dt-8ue5
45
vulnerability VCID-w17y-dvuq-7ba6
46
vulnerability VCID-wjht-u5u1-kkas
47
vulnerability VCID-wqu4-wys6-hfbb
48
vulnerability VCID-xp1f-4p3v-67ad
49
vulnerability VCID-y7a9-2p1n-z7fx
50
vulnerability VCID-yyrd-qt22-w3f5
51
vulnerability VCID-zjj3-g2d7-c3gd
52
vulnerability VCID-zm2g-nduw-tfcy
53
vulnerability VCID-zt43-htwu-kfde
54
vulnerability VCID-zxp7-6d69-tfhm
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups@1.3.8-1%252Blenny10
1
url pkg:rpm/redhat/cups@1:1.3.7-11.el5_4?arch=4
purl pkg:rpm/redhat/cups@1:1.3.7-11.el5_4?arch=4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mp2s-4x2a-h7fq
1
vulnerability VCID-vmjh-9kbz-qkh6
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cups@1:1.3.7-11.el5_4%3Farch=4
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2820.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2820.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-2820
reference_id
reference_type
scores
0
value 0.01995
scoring_system epss
scoring_elements 0.83564
published_at 2026-04-01T12:55:00Z
1
value 0.01995
scoring_system epss
scoring_elements 0.83576
published_at 2026-04-02T12:55:00Z
2
value 0.01995
scoring_system epss
scoring_elements 0.83591
published_at 2026-04-04T12:55:00Z
3
value 0.01995
scoring_system epss
scoring_elements 0.83592
published_at 2026-04-07T12:55:00Z
4
value 0.01995
scoring_system epss
scoring_elements 0.83616
published_at 2026-04-08T12:55:00Z
5
value 0.01995
scoring_system epss
scoring_elements 0.83625
published_at 2026-04-09T12:55:00Z
6
value 0.01995
scoring_system epss
scoring_elements 0.83642
published_at 2026-04-11T12:55:00Z
7
value 0.01995
scoring_system epss
scoring_elements 0.83635
published_at 2026-04-12T12:55:00Z
8
value 0.01995
scoring_system epss
scoring_elements 0.8363
published_at 2026-04-13T12:55:00Z
9
value 0.01995
scoring_system epss
scoring_elements 0.83665
published_at 2026-04-16T12:55:00Z
10
value 0.01995
scoring_system epss
scoring_elements 0.83667
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-2820
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=529833
reference_id 529833
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=529833
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555666
reference_id 555666
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555666
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10001.txt
reference_id CVE-2009-2820;OSVDB-59854
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/10001.txt
6
reference_url https://www.securityfocus.com/bid/36958/info
reference_id CVE-2009-2820;OSVDB-59854
reference_type exploit
scores
url https://www.securityfocus.com/bid/36958/info
7
reference_url https://access.redhat.com/errata/RHSA-2009:1595
reference_id RHSA-2009:1595
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1595
8
reference_url https://usn.ubuntu.com/856-1/
reference_id USN-856-1
reference_type
scores
url https://usn.ubuntu.com/856-1/
Weaknesses
0
cwe_id 79
name Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Exploits
0
date_added 2009-11-10
description CUPS - 'kerberos' Cross-Site Scripting
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2009-11-11
exploit_type remote
platform multiple
source_date_updated null
data_source Exploit-DB
source_url https://www.securityfocus.com/bid/36958/info
Severity_range_scorenull
Exploitability2.0
Weighted_severity0.0
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-vmjh-9kbz-qkh6