Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-paxq-xzhx-5faa
SummaryUntrusted search path vulnerability in the (1) "VST plugin with Python scripting" and (2) "VST plugin for writing score generators in Python" in Csound 5.08.2, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Aliases
0
alias CVE-2008-5986
Fixed_packages
0
url pkg:deb/debian/csound@5.08.2~dfsg-1.1?distro=trixie
purl pkg:deb/debian/csound@5.08.2~dfsg-1.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@5.08.2~dfsg-1.1%3Fdistro=trixie
1
url pkg:deb/debian/csound@1:3.53.0.1d-1
purl pkg:deb/debian/csound@1:3.53.0.1d-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7gzp-st5v-73de
1
vulnerability VCID-kes7-pe3n-xfbk
2
vulnerability VCID-krfj-jt7t-zkdc
3
vulnerability VCID-rsxb-qv4f-5fcj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:3.53.0.1d-1
2
url pkg:deb/debian/csound@1:6.14.0~dfsg-6?distro=trixie
purl pkg:deb/debian/csound@1:6.14.0~dfsg-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.14.0~dfsg-6%3Fdistro=trixie
3
url pkg:deb/debian/csound@1:6.18.1%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/csound@1:6.18.1%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-1%3Fdistro=trixie
4
url pkg:deb/debian/csound@1:6.18.1%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/csound@1:6.18.1%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-4%3Fdistro=trixie
5
url pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie
purl pkg:deb/debian/csound@1:6.18.1%2Bdfsg-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@1:6.18.1%252Bdfsg-6%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/csound@3.484.0d-1
purl pkg:deb/debian/csound@3.484.0d-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7gzp-st5v-73de
1
vulnerability VCID-kes7-pe3n-xfbk
2
vulnerability VCID-krfj-jt7t-zkdc
3
vulnerability VCID-paxq-xzhx-5faa
4
vulnerability VCID-rsxb-qv4f-5fcj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/csound@3.484.0d-1
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5986.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5986.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-5986
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.18825
published_at 2026-06-11T12:55:00Z
1
value 0.00059
scoring_system epss
scoring_elements 0.18988
published_at 2026-06-12T12:55:00Z
2
value 0.00059
scoring_system epss
scoring_elements 0.19006
published_at 2026-06-13T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18983
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-5986
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5986
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5986
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=481550
reference_id 481550
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=481550
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504359
reference_id 504359
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504359
Weaknesses
Exploits
Severity_range_scorenull
Exploitability0.5
Weighted_severity0.0
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-paxq-xzhx-5faa