Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-qa7t-kkcx-ybe3
Vulnerability ID VCID-qa7t-kkcx-ybe3
Aliases CVE-2008-1036
Summary ICU: Invalid character sequences omission during conversion of some character encodings (XSS attack possible)
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
System Score Found at
epss 0.02644 https://api.first.org/data/v1/epss?cve=CVE-2008-1036
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1036.json
https://api.first.org/data/v1/epss?cve=CVE-2008-1036
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1036
464168 https://bugzilla.redhat.com/show_bug.cgi?id=464168
RHSA-2009:0296 https://access.redhat.com/errata/RHSA-2009:0296
USN-747-1 https://usn.ubuntu.com/747-1/
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.85977
EPSS Score 0.02644
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T10:17:34.344424+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1036.json 38.6.0