Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/firefox@98.0-1
Typealpm
Namespacearchlinux
Namefirefox
Version98.0-1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version99.0-1
Latest_non_vulnerable_version101.0-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-84eg-x618-8fh1
vulnerability_id VCID-84eg-x618-8fh1
summary Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://security.archlinux.org/AVG-2714
reference_id AVG-2714
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2714
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
reference_id mfsa2022-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
fixed_packages
0
url pkg:alpm/archlinux/firefox@98.0-1
purl pkg:alpm/archlinux/firefox@98.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@98.0-1
aliases CVE-2022-0843
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-84eg-x618-8fh1
1
url VCID-dh5x-c794-tqbw
vulnerability_id VCID-dh5x-c794-tqbw
summary If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
5
reference_url https://security.archlinux.org/AVG-2713
reference_id AVG-2713
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2713
6
reference_url https://security.archlinux.org/AVG-2714
reference_id AVG-2714
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2714
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
reference_id mfsa2022-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
reference_id mfsa2022-11
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
reference_id mfsa2022-12
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
fixed_packages
0
url pkg:alpm/archlinux/firefox@98.0-1
purl pkg:alpm/archlinux/firefox@98.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@98.0-1
aliases CVE-2022-26384
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dh5x-c794-tqbw
2
url VCID-fn1d-vq36-mkeu
vulnerability_id VCID-fn1d-vq36-mkeu
summary When installing an add-on, Thunderbird verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would not have noticed.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
5
reference_url https://security.archlinux.org/AVG-2713
reference_id AVG-2713
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2713
6
reference_url https://security.archlinux.org/AVG-2714
reference_id AVG-2714
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2714
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
reference_id mfsa2022-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
reference_id mfsa2022-11
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
reference_id mfsa2022-12
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
fixed_packages
0
url pkg:alpm/archlinux/firefox@98.0-1
purl pkg:alpm/archlinux/firefox@98.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@98.0-1
aliases CVE-2022-26387
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fn1d-vq36-mkeu
3
url VCID-fr7u-m88d-bqch
vulnerability_id VCID-fr7u-m88d-bqch
summary While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage.
references
0
reference_url https://security.archlinux.org/AVG-2714
reference_id AVG-2714
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2714
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
reference_id mfsa2022-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
fixed_packages
0
url pkg:alpm/archlinux/firefox@98.0-1
purl pkg:alpm/archlinux/firefox@98.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@98.0-1
aliases CVE-2022-26382
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fr7u-m88d-bqch
4
url VCID-s1bx-3697-jqeq
vulnerability_id VCID-s1bx-3697-jqeq
summary An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
5
reference_url https://security.archlinux.org/AVG-2713
reference_id AVG-2713
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2713
6
reference_url https://security.archlinux.org/AVG-2714
reference_id AVG-2714
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2714
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
reference_id mfsa2022-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
reference_id mfsa2022-11
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
reference_id mfsa2022-12
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
fixed_packages
0
url pkg:alpm/archlinux/firefox@98.0-1
purl pkg:alpm/archlinux/firefox@98.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@98.0-1
aliases CVE-2022-26381
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s1bx-3697-jqeq
5
url VCID-vbwy-936q-27fd
vulnerability_id VCID-vbwy-936q-27fd
summary When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
5
reference_url https://security.archlinux.org/AVG-2713
reference_id AVG-2713
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2713
6
reference_url https://security.archlinux.org/AVG-2714
reference_id AVG-2714
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2714
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
reference_id mfsa2022-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
reference_id mfsa2022-11
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
reference_id mfsa2022-12
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
fixed_packages
0
url pkg:alpm/archlinux/firefox@98.0-1
purl pkg:alpm/archlinux/firefox@98.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@98.0-1
aliases CVE-2022-26383
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vbwy-936q-27fd
6
url VCID-vkmr-zg7z-9qay
vulnerability_id VCID-vkmr-zg7z-9qay
summary In unusual circumstances, an individual thread may outlive the thread's manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash.
references
0
reference_url https://security.archlinux.org/AVG-2714
reference_id AVG-2714
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2714
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
reference_id mfsa2022-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
fixed_packages
0
url pkg:alpm/archlinux/firefox@98.0-1
purl pkg:alpm/archlinux/firefox@98.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@98.0-1
aliases CVE-2022-26385
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vkmr-zg7z-9qay
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@98.0-1