Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-rx7e-dths-9yap

Summary icu: XSS vulnerability due to improper invalid byte sequence handling

Aliases

alias	CVE-2009-0153

Fixed_packages

url	pkg:deb/debian/icu@4.0.1-1?distro=trixie
purl	pkg:deb/debian/icu@4.0.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.0.1-1%3Fdistro=trixie

url pkg:deb/debian/icu@4.4.1-8%2Bsqueeze2

purl pkg:deb/debian/icu@4.4.1-8%2Bsqueeze2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bcb-5gab-9kde

vulnerability	VCID-2bgz-463n-rbg4

vulnerability	VCID-5es3-zr94-dfcm

vulnerability	VCID-5ht5-3ffs-mbe6

vulnerability	VCID-8jtg-kntk-zuhp

vulnerability	VCID-8xvm-w9m3-2ueq

vulnerability	VCID-9ma9-pt7u-e3gv

vulnerability	VCID-ajy9-yfsa-5bc5

vulnerability	VCID-dr2n-9pz1-gfd5

vulnerability	VCID-ec4s-1rb3-muhf

vulnerability	VCID-faut-x7vy-g3dq

vulnerability	VCID-fsdr-jdyv-tqed

vulnerability	VCID-fwy5-kn98-f3bw

vulnerability	VCID-gted-bme5-r7gf

vulnerability	VCID-hghm-mfvp-1ufk

vulnerability	VCID-hjda-t6dj-3baj

vulnerability	VCID-hzxp-wau2-nyck

vulnerability	VCID-jm8s-9gr6-ebax

vulnerability	VCID-kct4-fj4c-7kgv

vulnerability	VCID-mebk-ymrs-wkd2

vulnerability	VCID-mzjf-ej5z-57eh

vulnerability	VCID-ndem-w1mb-h7gj

vulnerability	VCID-nyhx-9tes-9ygr

vulnerability	VCID-pf5g-cuwm-7bey

vulnerability	VCID-qb56-zfz8-4bev

vulnerability	VCID-uwxq-bbum-1yhw

vulnerability	VCID-v547-6z4g-kba3

vulnerability	VCID-vcxf-zjrp-e3cg

vulnerability	VCID-w5th-khuv-mkek

vulnerability	VCID-wzc2-4mje-qfhf

vulnerability	VCID-xg8u-dvmc-t3ft

vulnerability	VCID-yz8d-49gf-u3bw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@4.4.1-8%252Bsqueeze2

url	pkg:deb/debian/icu@67.1-7?distro=trixie
purl	pkg:deb/debian/icu@67.1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@67.1-7%3Fdistro=trixie

url	pkg:deb/debian/icu@72.1-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/icu@72.1-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@72.1-3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/icu@76.1-4?distro=trixie
purl	pkg:deb/debian/icu@76.1-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@76.1-4%3Fdistro=trixie

url	pkg:deb/debian/icu@78.3-1?distro=trixie
purl	pkg:deb/debian/icu@78.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@78.3-1%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/icu@2.0-2.1pre20020303-1

purl pkg:deb/debian/icu@2.0-2.1pre20020303-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bcb-5gab-9kde

vulnerability	VCID-2bgz-463n-rbg4

vulnerability	VCID-5es3-zr94-dfcm

vulnerability	VCID-5ht5-3ffs-mbe6

vulnerability	VCID-8jtg-kntk-zuhp

vulnerability	VCID-8xvm-w9m3-2ueq

vulnerability	VCID-9ma9-pt7u-e3gv

vulnerability	VCID-ajy9-yfsa-5bc5

vulnerability	VCID-dr2n-9pz1-gfd5

vulnerability	VCID-dvzc-t7vz-5qdr

vulnerability	VCID-ec4s-1rb3-muhf

vulnerability	VCID-faut-x7vy-g3dq

vulnerability	VCID-fsdr-jdyv-tqed

vulnerability	VCID-fwy5-kn98-f3bw

vulnerability	VCID-gted-bme5-r7gf

vulnerability	VCID-hghm-mfvp-1ufk

vulnerability	VCID-hjda-t6dj-3baj

vulnerability	VCID-hzxp-wau2-nyck

vulnerability	VCID-jm8s-9gr6-ebax

vulnerability	VCID-kct4-fj4c-7kgv

vulnerability	VCID-ktmh-nges-ykf7

vulnerability	VCID-mebk-ymrs-wkd2

vulnerability	VCID-mzjf-ej5z-57eh

vulnerability	VCID-ndem-w1mb-h7gj

vulnerability	VCID-nyhx-9tes-9ygr

vulnerability	VCID-nzcg-mury-8bb2

vulnerability	VCID-pf5g-cuwm-7bey

vulnerability	VCID-qb56-zfz8-4bev

vulnerability	VCID-rx7e-dths-9yap

vulnerability	VCID-uwxq-bbum-1yhw

vulnerability	VCID-v547-6z4g-kba3

vulnerability	VCID-vcxf-zjrp-e3cg

vulnerability	VCID-w5th-khuv-mkek

vulnerability	VCID-wzc2-4mje-qfhf

vulnerability	VCID-xg8u-dvmc-t3ft

vulnerability	VCID-yz8d-49gf-u3bw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@2.0-2.1pre20020303-1

url pkg:deb/debian/icu@2.1-2.1

purl pkg:deb/debian/icu@2.1-2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bcb-5gab-9kde

vulnerability	VCID-2bgz-463n-rbg4

vulnerability	VCID-5es3-zr94-dfcm

vulnerability	VCID-5ht5-3ffs-mbe6

vulnerability	VCID-8jtg-kntk-zuhp

vulnerability	VCID-8xvm-w9m3-2ueq

vulnerability	VCID-9ma9-pt7u-e3gv

vulnerability	VCID-ajy9-yfsa-5bc5

vulnerability	VCID-dr2n-9pz1-gfd5

vulnerability	VCID-dvzc-t7vz-5qdr

vulnerability	VCID-ec4s-1rb3-muhf

vulnerability	VCID-faut-x7vy-g3dq

vulnerability	VCID-fsdr-jdyv-tqed

vulnerability	VCID-fwy5-kn98-f3bw

vulnerability	VCID-gted-bme5-r7gf

vulnerability	VCID-hghm-mfvp-1ufk

vulnerability	VCID-hjda-t6dj-3baj

vulnerability	VCID-hzxp-wau2-nyck

vulnerability	VCID-jm8s-9gr6-ebax

vulnerability	VCID-kct4-fj4c-7kgv

vulnerability	VCID-ktmh-nges-ykf7

vulnerability	VCID-mebk-ymrs-wkd2

vulnerability	VCID-mzjf-ej5z-57eh

vulnerability	VCID-ndem-w1mb-h7gj

vulnerability	VCID-nyhx-9tes-9ygr

vulnerability	VCID-nzcg-mury-8bb2

vulnerability	VCID-pf5g-cuwm-7bey

vulnerability	VCID-qb56-zfz8-4bev

vulnerability	VCID-rx7e-dths-9yap

vulnerability	VCID-uwxq-bbum-1yhw

vulnerability	VCID-v547-6z4g-kba3

vulnerability	VCID-vcxf-zjrp-e3cg

vulnerability	VCID-w5th-khuv-mkek

vulnerability	VCID-wzc2-4mje-qfhf

vulnerability	VCID-xg8u-dvmc-t3ft

vulnerability	VCID-yz8d-49gf-u3bw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@2.1-2.1

url pkg:deb/debian/icu@3.6-2

purl pkg:deb/debian/icu@3.6-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bcb-5gab-9kde

vulnerability	VCID-2bgz-463n-rbg4

vulnerability	VCID-5es3-zr94-dfcm

vulnerability	VCID-5ht5-3ffs-mbe6

vulnerability	VCID-8jtg-kntk-zuhp

vulnerability	VCID-8xvm-w9m3-2ueq

vulnerability	VCID-9ma9-pt7u-e3gv

vulnerability	VCID-ajy9-yfsa-5bc5

vulnerability	VCID-dr2n-9pz1-gfd5

vulnerability	VCID-dvzc-t7vz-5qdr

vulnerability	VCID-ec4s-1rb3-muhf

vulnerability	VCID-faut-x7vy-g3dq

vulnerability	VCID-fsdr-jdyv-tqed

vulnerability	VCID-fwy5-kn98-f3bw

vulnerability	VCID-gted-bme5-r7gf

vulnerability	VCID-hghm-mfvp-1ufk

vulnerability	VCID-hjda-t6dj-3baj

vulnerability	VCID-hzxp-wau2-nyck

vulnerability	VCID-jm8s-9gr6-ebax

vulnerability	VCID-kct4-fj4c-7kgv

vulnerability	VCID-ktmh-nges-ykf7

vulnerability	VCID-mebk-ymrs-wkd2

vulnerability	VCID-mzjf-ej5z-57eh

vulnerability	VCID-ndem-w1mb-h7gj

vulnerability	VCID-nyhx-9tes-9ygr

vulnerability	VCID-nzcg-mury-8bb2

vulnerability	VCID-pf5g-cuwm-7bey

vulnerability	VCID-qb56-zfz8-4bev

vulnerability	VCID-rx7e-dths-9yap

vulnerability	VCID-uwxq-bbum-1yhw

vulnerability	VCID-v547-6z4g-kba3

vulnerability	VCID-vcxf-zjrp-e3cg

vulnerability	VCID-w5th-khuv-mkek

vulnerability	VCID-wzc2-4mje-qfhf

vulnerability	VCID-xg8u-dvmc-t3ft

vulnerability	VCID-yz8d-49gf-u3bw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@3.6-2

url pkg:deb/debian/icu@3.6-2etch3

purl pkg:deb/debian/icu@3.6-2etch3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bcb-5gab-9kde

vulnerability	VCID-2bgz-463n-rbg4

vulnerability	VCID-5es3-zr94-dfcm

vulnerability	VCID-5ht5-3ffs-mbe6

vulnerability	VCID-8jtg-kntk-zuhp

vulnerability	VCID-8xvm-w9m3-2ueq

vulnerability	VCID-9ma9-pt7u-e3gv

vulnerability	VCID-ajy9-yfsa-5bc5

vulnerability	VCID-dr2n-9pz1-gfd5

vulnerability	VCID-dvzc-t7vz-5qdr

vulnerability	VCID-ec4s-1rb3-muhf

vulnerability	VCID-faut-x7vy-g3dq

vulnerability	VCID-fsdr-jdyv-tqed

vulnerability	VCID-fwy5-kn98-f3bw

vulnerability	VCID-gted-bme5-r7gf

vulnerability	VCID-hghm-mfvp-1ufk

vulnerability	VCID-hjda-t6dj-3baj

vulnerability	VCID-hzxp-wau2-nyck

vulnerability	VCID-jm8s-9gr6-ebax

vulnerability	VCID-kct4-fj4c-7kgv

vulnerability	VCID-ktmh-nges-ykf7

vulnerability	VCID-mebk-ymrs-wkd2

vulnerability	VCID-mzjf-ej5z-57eh

vulnerability	VCID-ndem-w1mb-h7gj

vulnerability	VCID-nyhx-9tes-9ygr

vulnerability	VCID-nzcg-mury-8bb2

vulnerability	VCID-pf5g-cuwm-7bey

vulnerability	VCID-qb56-zfz8-4bev

vulnerability	VCID-rx7e-dths-9yap

vulnerability	VCID-uwxq-bbum-1yhw

vulnerability	VCID-v547-6z4g-kba3

vulnerability	VCID-vcxf-zjrp-e3cg

vulnerability	VCID-w5th-khuv-mkek

vulnerability	VCID-wzc2-4mje-qfhf

vulnerability	VCID-xg8u-dvmc-t3ft

vulnerability	VCID-yz8d-49gf-u3bw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@3.6-2etch3

url pkg:deb/debian/icu@3.8.1-3%2Blenny3

purl pkg:deb/debian/icu@3.8.1-3%2Blenny3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bcb-5gab-9kde

vulnerability	VCID-2bgz-463n-rbg4

vulnerability	VCID-5es3-zr94-dfcm

vulnerability	VCID-5ht5-3ffs-mbe6

vulnerability	VCID-8jtg-kntk-zuhp

vulnerability	VCID-8xvm-w9m3-2ueq

vulnerability	VCID-9ma9-pt7u-e3gv

vulnerability	VCID-ajy9-yfsa-5bc5

vulnerability	VCID-dr2n-9pz1-gfd5

vulnerability	VCID-ec4s-1rb3-muhf

vulnerability	VCID-faut-x7vy-g3dq

vulnerability	VCID-fsdr-jdyv-tqed

vulnerability	VCID-fwy5-kn98-f3bw

vulnerability	VCID-gted-bme5-r7gf

vulnerability	VCID-hghm-mfvp-1ufk

vulnerability	VCID-hjda-t6dj-3baj

vulnerability	VCID-hzxp-wau2-nyck

vulnerability	VCID-jm8s-9gr6-ebax

vulnerability	VCID-kct4-fj4c-7kgv

vulnerability	VCID-ktmh-nges-ykf7

vulnerability	VCID-mebk-ymrs-wkd2

vulnerability	VCID-mzjf-ej5z-57eh

vulnerability	VCID-ndem-w1mb-h7gj

vulnerability	VCID-nyhx-9tes-9ygr

vulnerability	VCID-pf5g-cuwm-7bey

vulnerability	VCID-qb56-zfz8-4bev

vulnerability	VCID-rx7e-dths-9yap

vulnerability	VCID-uwxq-bbum-1yhw

vulnerability	VCID-v547-6z4g-kba3

vulnerability	VCID-vcxf-zjrp-e3cg

vulnerability	VCID-w5th-khuv-mkek

vulnerability	VCID-wzc2-4mje-qfhf

vulnerability	VCID-xg8u-dvmc-t3ft

vulnerability	VCID-yz8d-49gf-u3bw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/icu@3.8.1-3%252Blenny3

url pkg:rpm/redhat/icu@3.6-5.11?arch=4

purl pkg:rpm/redhat/icu@3.6-5.11?arch=4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rx7e-dths-9yap

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/icu@3.6-5.11%3Farch=4

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0153.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0153.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-0153

reference_id

reference_type

scores

value	0.11643
scoring_system	epss
scoring_elements	0.93621
published_at	2026-04-01T12:55:00Z

value	0.11643
scoring_system	epss
scoring_elements	0.93632
published_at	2026-04-02T12:55:00Z

value	0.11643
scoring_system	epss
scoring_elements	0.9364
published_at	2026-04-04T12:55:00Z

value	0.11643
scoring_system	epss
scoring_elements	0.93642
published_at	2026-04-07T12:55:00Z

value	0.11643
scoring_system	epss
scoring_elements	0.93651
published_at	2026-04-08T12:55:00Z

value	0.11643
scoring_system	epss
scoring_elements	0.93653
published_at	2026-04-09T12:55:00Z

value	0.11643
scoring_system	epss
scoring_elements	0.93658
published_at	2026-04-12T12:55:00Z

value	0.11643
scoring_system	epss
scoring_elements	0.93659
published_at	2026-04-13T12:55:00Z

value	0.11643
scoring_system	epss
scoring_elements	0.93677
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-0153

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0153
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0153

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=503071
reference_id	503071
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=503071

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534590
reference_id	534590
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534590

reference_url	https://access.redhat.com/errata/RHSA-2009:1122
reference_id	RHSA-2009:1122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1122

reference_url	https://usn.ubuntu.com/846-1/
reference_id	USN-846-1
reference_type
scores
url	https://usn.ubuntu.com/846-1/

Weaknesses

cwe_id	79
name	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description	The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Exploits

Severity_range_score 6.1 - 6.1

Exploitability 0.5

Weighted_severity 5.5

Risk_score 2.8

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rx7e-dths-9yap

Vulnerability Instance