Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-t24w-4tau-13a1

Summary

Multiple vulnerabilities have been found in PHP, the worst of which
    could result in the execution of arbitrary code.

Aliases

alias	CVE-2017-11362

Fixed_packages

url	pkg:ebuild/dev-lang/php@5.6.31
purl	pkg:ebuild/dev-lang/php@5.6.31
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.6.31

url	pkg:ebuild/dev-lang/php@7.0.23
purl	pkg:ebuild/dev-lang/php@7.0.23
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@7.0.23

Affected_packages

url pkg:rpm/redhat/rh-php70-php@7.0.27-1?arch=el6

purl pkg:rpm/redhat/rh-php70-php@7.0.27-1?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1pj7-5gy9-97f7

vulnerability	VCID-2da5-db5t-67ez

vulnerability	VCID-3v99-kbeq-47d8

vulnerability	VCID-4hnr-jry1-pucd

vulnerability	VCID-5dtd-t1mm-ekdy

vulnerability	VCID-6ysv-9bmx-w7df

vulnerability	VCID-7mzw-4sv9-fkd9

vulnerability	VCID-8j2y-daty-zudk

vulnerability	VCID-apf9-z7zs-jyh7

vulnerability	VCID-aq8f-mndp-b3hf

vulnerability	VCID-b5af-c9yc-rke7

vulnerability	VCID-b878-mmfs-e3g1

vulnerability	VCID-bd4w-by3u-e3d7

vulnerability	VCID-bgry-c8uh-ebh9

vulnerability	VCID-bp86-bwju-hfck

vulnerability	VCID-btsv-fsh6-t7de

vulnerability	VCID-e743-yn6c-ryd8

vulnerability	VCID-fkxn-xery-yfav

vulnerability	VCID-fkyf-n2mp-mkay

vulnerability	VCID-fwyg-v128-k7c9

vulnerability	VCID-ge97-dnra-uygw

vulnerability	VCID-gf19-ebyv-u3b5

vulnerability	VCID-guq9-1qhz-8uh9

vulnerability	VCID-huuh-j4zk-p3bp

vulnerability	VCID-j3tj-mxke-1kga

vulnerability	VCID-m1pw-ajwh-fkgv

vulnerability	VCID-mxa9-p8gv-3qhr

vulnerability	VCID-qv7g-5nw5-y7fc

vulnerability	VCID-s75c-hjr2-uubw

vulnerability	VCID-t24w-4tau-13a1

vulnerability	VCID-uhu4-qp7k-gqgu

vulnerability	VCID-v2xk-mv3d-pbbp

vulnerability	VCID-v46x-6fzg-6fcn

vulnerability	VCID-xh65-k3uv-77af

vulnerability	VCID-xpjh-4t92-nqgr

vulnerability	VCID-z5bb-new5-4qda

vulnerability	VCID-zf7p-9t9z-43bb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-php70-php@7.0.27-1%3Farch=el6

url pkg:rpm/redhat/rh-php70-php@7.0.27-1?arch=el7

purl pkg:rpm/redhat/rh-php70-php@7.0.27-1?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1pj7-5gy9-97f7

vulnerability	VCID-2da5-db5t-67ez

vulnerability	VCID-3v99-kbeq-47d8

vulnerability	VCID-4hnr-jry1-pucd

vulnerability	VCID-5dtd-t1mm-ekdy

vulnerability	VCID-6ysv-9bmx-w7df

vulnerability	VCID-7mzw-4sv9-fkd9

vulnerability	VCID-8j2y-daty-zudk

vulnerability	VCID-apf9-z7zs-jyh7

vulnerability	VCID-aq8f-mndp-b3hf

vulnerability	VCID-b5af-c9yc-rke7

vulnerability	VCID-b878-mmfs-e3g1

vulnerability	VCID-bd4w-by3u-e3d7

vulnerability	VCID-bgry-c8uh-ebh9

vulnerability	VCID-bp86-bwju-hfck

vulnerability	VCID-btsv-fsh6-t7de

vulnerability	VCID-e743-yn6c-ryd8

vulnerability	VCID-fkxn-xery-yfav

vulnerability	VCID-fkyf-n2mp-mkay

vulnerability	VCID-fwyg-v128-k7c9

vulnerability	VCID-ge97-dnra-uygw

vulnerability	VCID-gf19-ebyv-u3b5

vulnerability	VCID-guq9-1qhz-8uh9

vulnerability	VCID-huuh-j4zk-p3bp

vulnerability	VCID-j3tj-mxke-1kga

vulnerability	VCID-m1pw-ajwh-fkgv

vulnerability	VCID-mxa9-p8gv-3qhr

vulnerability	VCID-qv7g-5nw5-y7fc

vulnerability	VCID-s75c-hjr2-uubw

vulnerability	VCID-t24w-4tau-13a1

vulnerability	VCID-uhu4-qp7k-gqgu

vulnerability	VCID-v2xk-mv3d-pbbp

vulnerability	VCID-v46x-6fzg-6fcn

vulnerability	VCID-xh65-k3uv-77af

vulnerability	VCID-xpjh-4t92-nqgr

vulnerability	VCID-z5bb-new5-4qda

vulnerability	VCID-zf7p-9t9z-43bb

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-php70-php@7.0.27-1%3Farch=el7

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11362.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11362.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-11362

reference_id

reference_type

scores

value	0.02083
scoring_system	epss
scoring_elements	0.83931
published_at	2026-04-01T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.83945
published_at	2026-04-02T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.8396
published_at	2026-04-04T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.83963
published_at	2026-04-07T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.83986
published_at	2026-04-08T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.83993
published_at	2026-04-09T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.84009
published_at	2026-04-11T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.84003
published_at	2026-04-12T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.83999
published_at	2026-04-13T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.84024
published_at	2026-04-16T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.84025
published_at	2026-04-18T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.84027
published_at	2026-04-21T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.84053
published_at	2026-04-24T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.8406
published_at	2026-04-26T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.84063
published_at	2026-04-29T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.84084
published_at	2026-05-05T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.84107
published_at	2026-05-07T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.84123
published_at	2026-05-09T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.84122
published_at	2026-05-11T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.84139
published_at	2026-05-12T12:55:00Z

value	0.02083
scoring_system	epss
scoring_elements	0.84172
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11362

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1475373
reference_id	1475373
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1475373

reference_url	https://security.gentoo.org/glsa/201709-21
reference_id	GLSA-201709-21
reference_type
scores
url	https://security.gentoo.org/glsa/201709-21

reference_url	https://access.redhat.com/errata/RHSA-2018:1296
reference_id	RHSA-2018:1296
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1296

reference_url	https://usn.ubuntu.com/3382-1/
reference_id	USN-3382-1
reference_type
scores
url	https://usn.ubuntu.com/3382-1/

reference_url	https://usn.ubuntu.com/3566-2/
reference_id	USN-3566-2
reference_type
scores
url	https://usn.ubuntu.com/3566-2/

Weaknesses

cwe_id	119
name	Improper Restriction of Operations within the Bounds of a Memory Buffer
description	The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Exploits

Severity_range_score 4.0 - 4.0

Exploitability 0.5

Weighted_severity 3.6

Risk_score 1.8

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t24w-4tau-13a1

Vulnerability Instance