Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/firefox@48.0.2-1
Typealpm
Namespacearchlinux
Namefirefox
Version48.0.2-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version49.0-1
Latest_non_vulnerable_version101.0-1
Affected_by_vulnerabilities
0
url VCID-1uv3-mtcv-kbee
vulnerability_id VCID-1uv3-mtcv-kbee
summary A use-after-free vulnerability triggered by setting a aria-owns attribute.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
reference_id mfsa2016-86
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
reference_id mfsa2016-88
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5276
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1uv3-mtcv-kbee
1
url VCID-2qdm-5rm5-qfhr
vulnerability_id VCID-2qdm-5rm5-qfhr
summary A potentially exploitable crash in accessibility.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5273
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2qdm-5rm5-qfhr
2
url VCID-2zw2-v1xp-rfd9
vulnerability_id VCID-2zw2-v1xp-rfd9
summary A timing attack vulnerability using iframes to potentially reveal private data using document resizes and link colors.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5283
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2zw2-v1xp-rfd9
3
url VCID-3pdf-xrwk-a7bh
vulnerability_id VCID-3pdf-xrwk-a7bh
summary A buffer overflow when working with empty filters during canvas rendering.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5275
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3pdf-xrwk-a7bh
4
url VCID-88j3-np4m-p3et
vulnerability_id VCID-88j3-np4m-p3et
summary An out-of-bounds write of a boolean value during text conversion with some unicode characters
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
reference_id mfsa2016-86
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
reference_id mfsa2016-88
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5270
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-88j3-np4m-p3et
5
url VCID-b61f-wfbh-uucm
vulnerability_id VCID-b61f-wfbh-uucm
summary The full path to local files is available to scripts when local files are drag and dropped into Firefox.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5279
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b61f-wfbh-uucm
6
url VCID-d6s8-w8mc-wyb4
vulnerability_id VCID-d6s8-w8mc-wyb4
summary Favicons can be loaded through non-whitelisted protocols, such as jar:.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5282
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d6s8-w8mc-wyb4
7
url VCID-dt5c-74jk-m3dc
vulnerability_id VCID-dt5c-74jk-m3dc
summary A use-after-free issue in web animations during restyling.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
reference_id mfsa2016-86
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
reference_id mfsa2016-88
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5274
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dt5c-74jk-m3dc
8
url VCID-e35v-ppxg-tkd1
vulnerability_id VCID-e35v-ppxg-tkd1
summary Mozilla developers and community members Christoph Diehl, Andrew McCreight, Dan Minor, Byron Campen, Jon Coppeard, Steve Fink, Tyson Smith, Philipp, and Carsten Book reported memory safety bugs present in Firefox 48 and Firefox ESR 45.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5257
1
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
2
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
reference_id mfsa2016-86
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
reference_id mfsa2016-88
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5257
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e35v-ppxg-tkd1
9
url VCID-ewpd-w8v5-efcf
vulnerability_id VCID-ewpd-w8v5-efcf
summary Mozilla developers Christoph Diehl, Christian Holler, Gary Kwong, Nathan Froyd, Honza Bambas, Seth Fowler, and Michael Smith reported memory safety bugs present in Firefox 48. Some of these bugs showed evidence of memory corruption under certain circumstances could potentially exploited to run arbitrary code.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5256
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ewpd-w8v5-efcf
10
url VCID-k9d6-7kmg-rubt
vulnerability_id VCID-k9d6-7kmg-rubt
summary Use-after-free vulnerability when manipulating SVG format content through script.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
reference_id mfsa2016-86
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
reference_id mfsa2016-88
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5281
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k9d6-7kmg-rubt
11
url VCID-nnkk-gjzm-s3ad
vulnerability_id VCID-nnkk-gjzm-s3ad
summary Use-after-free vulnerability when changing text direction.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
reference_id mfsa2016-86
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
reference_id mfsa2016-88
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5280
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nnkk-gjzm-s3ad
12
url VCID-pefk-5d4r-zfgp
vulnerability_id VCID-pefk-5d4r-zfgp
summary A use-after-free vulnerability with web animations when destroying a timeline.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
reference_id mfsa2016-86
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
reference_id mfsa2016-88
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5277
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pefk-5d4r-zfgp
13
url VCID-r8mm-erch-93gg
vulnerability_id VCID-r8mm-erch-93gg
summary A bad cast when processing layout with input elements can result in a potentially exploitable crash.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
reference_id mfsa2016-86
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
reference_id mfsa2016-88
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5272
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r8mm-erch-93gg
14
url VCID-sw3r-xvra-zue6
vulnerability_id VCID-sw3r-xvra-zue6
summary Due to flaws in the process we used to update "Preloaded Public Key Pinning" in our releases, the pinning for add-on updates became ineffective in early September. An attacker who was able to get a mis-issued certificate for a Mozilla web site could send malicious add-on updates to users on networks controlled by the attacker. Users who have not installed any add-ons are not affected.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
reference_id mfsa2016-86
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
reference_id mfsa2016-88
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5284
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sw3r-xvra-zue6
15
url VCID-u7w2-v2us-1qaz
vulnerability_id VCID-u7w2-v2us-1qaz
summary A potentially exploitable crash caused by a buffer overflow while encoding image frames to images.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
reference_id mfsa2016-86
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-86
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
reference_id mfsa2016-88
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-88
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5278
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u7w2-v2us-1qaz
16
url VCID-vddw-w1vv-hucw
vulnerability_id VCID-vddw-w1vv-hucw
summary An out-of-bounds read during the processing of text runs in some pages using display:contents.
references
0
reference_url https://security.archlinux.org/ASA-201609-22
reference_id ASA-201609-22
reference_type
scores
url https://security.archlinux.org/ASA-201609-22
1
reference_url https://security.archlinux.org/AVG-24
reference_id AVG-24
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-24
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
reference_id mfsa2016-85
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-85
fixed_packages
0
url pkg:alpm/archlinux/firefox@49.0-1
purl pkg:alpm/archlinux/firefox@49.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@49.0-1
aliases CVE-2016-5271
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vddw-w1vv-hucw
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@48.0.2-1