Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-2nmn-ccav-ekhy

Summary Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header.

Aliases

alias	CVE-2016-6175

Fixed_packages

url	pkg:deb/debian/php-gettext@1.0.12-1?distro=sid
purl	pkg:deb/debian/php-gettext@1.0.12-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-gettext@1.0.12-1%3Fdistro=sid

url	pkg:deb/debian/php-gettext@1.0.12-4?distro=sid
purl	pkg:deb/debian/php-gettext@1.0.12-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-gettext@1.0.12-4%3Fdistro=sid

url	pkg:deb/debian/php-gettext@1.0.12-4
purl	pkg:deb/debian/php-gettext@1.0.12-4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-gettext@1.0.12-4

url	pkg:deb/debian/php-gettext@1.0.12-5?distro=sid
purl	pkg:deb/debian/php-gettext@1.0.12-5?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-gettext@1.0.12-5%3Fdistro=sid

url	pkg:deb/debian/php-gettext@1.0.12-6?distro=sid
purl	pkg:deb/debian/php-gettext@1.0.12-6?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-gettext@1.0.12-6%3Fdistro=sid

Affected_packages

url pkg:deb/debian/php-gettext@1.0.7-2

purl pkg:deb/debian/php-gettext@1.0.7-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nmn-ccav-ekhy

vulnerability	VCID-f4d7-69e8-sqej

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-gettext@1.0.7-2

url pkg:deb/debian/php-gettext@1.0.7-6

purl pkg:deb/debian/php-gettext@1.0.7-6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nmn-ccav-ekhy

vulnerability	VCID-f4d7-69e8-sqej

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-gettext@1.0.7-6

url pkg:deb/debian/php-gettext@1.0.10-1

purl pkg:deb/debian/php-gettext@1.0.10-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nmn-ccav-ekhy

vulnerability	VCID-f4d7-69e8-sqej

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-gettext@1.0.10-1

url pkg:deb/debian/php-gettext@1.0.11-1

purl pkg:deb/debian/php-gettext@1.0.11-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nmn-ccav-ekhy

vulnerability	VCID-f4d7-69e8-sqej

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-gettext@1.0.11-1

url pkg:deb/debian/php-gettext@1.0.12-0.1

purl pkg:deb/debian/php-gettext@1.0.12-0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nmn-ccav-ekhy

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/php-gettext@1.0.12-0.1

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-6175

reference_id

reference_type

scores

value	0.10928
scoring_system	epss
scoring_elements	0.93367
published_at	2026-04-01T12:55:00Z

value	0.10928
scoring_system	epss
scoring_elements	0.93375
published_at	2026-04-02T12:55:00Z

value	0.10928
scoring_system	epss
scoring_elements	0.93383
published_at	2026-04-07T12:55:00Z

value	0.10928
scoring_system	epss
scoring_elements	0.93391
published_at	2026-04-08T12:55:00Z

value	0.10928
scoring_system	epss
scoring_elements	0.93395
published_at	2026-04-09T12:55:00Z

value	0.10928
scoring_system	epss
scoring_elements	0.934
published_at	2026-04-13T12:55:00Z

value	0.10928
scoring_system	epss
scoring_elements	0.93419
published_at	2026-04-16T12:55:00Z

value	0.10928
scoring_system	epss
scoring_elements	0.93424
published_at	2026-04-18T12:55:00Z

value	0.10928
scoring_system	epss
scoring_elements	0.9343
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-6175

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6175
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6175

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851771
reference_id	851771
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851771

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/40154.txt
reference_id	CVE-2016-6175
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/40154.txt

Weaknesses

Exploits

date_added	2016-07-25
description	PHP gettext 1.0.12 - 'gettext.php' Code Execution
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2016-07-25
exploit_type	webapps
platform	php
source_date_updated	2016-07-25
data_source	Exploit-DB
source_url

Severity_range_score null

Exploitability 2.0

Weighted_severity 0.1

Risk_score 0.2

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2nmn-ccav-ekhy

Vulnerability Instance