Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/thunderbird@91.6.2-1
Typealpm
Namespacearchlinux
Namethunderbird
Version91.6.2-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version91.8.0-1
Latest_non_vulnerable_version91.10-1
Affected_by_vulnerabilities
0
url VCID-4dx9-1499-gqcz
vulnerability_id VCID-4dx9-1499-gqcz
summary Previously Thunderbird for macOS and Linux would download temporary files to a user-specific directory in /tmp, but this behavior was changed to download them to /tmp where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. *This bug only affects Thunderbird for macOS and Linux. Other operating systems are unaffected.*
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
5
reference_url https://security.archlinux.org/AVG-2713
reference_id AVG-2713
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2713
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
reference_id mfsa2022-11
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
reference_id mfsa2022-12
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
fixed_packages
0
url pkg:alpm/archlinux/thunderbird@91.7.0-1
purl pkg:alpm/archlinux/thunderbird@91.7.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qt5-w1we-67hp
1
vulnerability VCID-8sqq-nnpq-pkc2
2
vulnerability VCID-bv8a-p6r5-17cz
3
vulnerability VCID-du9t-tmex-akfm
4
vulnerability VCID-gphr-qsyj-63gz
5
vulnerability VCID-h4xg-mvnj-fbd6
6
vulnerability VCID-nm7b-hwnd-eud6
7
vulnerability VCID-nwsq-gzra-v3b4
8
vulnerability VCID-zhwx-775r-t7fy
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@91.7.0-1
aliases CVE-2022-26386
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4dx9-1499-gqcz
1
url VCID-dh5x-c794-tqbw
vulnerability_id VCID-dh5x-c794-tqbw
summary If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
5
reference_url https://security.archlinux.org/AVG-2713
reference_id AVG-2713
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2713
6
reference_url https://security.archlinux.org/AVG-2714
reference_id AVG-2714
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2714
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
reference_id mfsa2022-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
reference_id mfsa2022-11
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
reference_id mfsa2022-12
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
fixed_packages
0
url pkg:alpm/archlinux/thunderbird@91.7.0-1
purl pkg:alpm/archlinux/thunderbird@91.7.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qt5-w1we-67hp
1
vulnerability VCID-8sqq-nnpq-pkc2
2
vulnerability VCID-bv8a-p6r5-17cz
3
vulnerability VCID-du9t-tmex-akfm
4
vulnerability VCID-gphr-qsyj-63gz
5
vulnerability VCID-h4xg-mvnj-fbd6
6
vulnerability VCID-nm7b-hwnd-eud6
7
vulnerability VCID-nwsq-gzra-v3b4
8
vulnerability VCID-zhwx-775r-t7fy
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@91.7.0-1
aliases CVE-2022-26384
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dh5x-c794-tqbw
2
url VCID-fn1d-vq36-mkeu
vulnerability_id VCID-fn1d-vq36-mkeu
summary When installing an add-on, Thunderbird verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Thunderbird would not have noticed.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
5
reference_url https://security.archlinux.org/AVG-2713
reference_id AVG-2713
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2713
6
reference_url https://security.archlinux.org/AVG-2714
reference_id AVG-2714
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2714
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
reference_id mfsa2022-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
reference_id mfsa2022-11
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
reference_id mfsa2022-12
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
fixed_packages
0
url pkg:alpm/archlinux/thunderbird@91.7.0-1
purl pkg:alpm/archlinux/thunderbird@91.7.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qt5-w1we-67hp
1
vulnerability VCID-8sqq-nnpq-pkc2
2
vulnerability VCID-bv8a-p6r5-17cz
3
vulnerability VCID-du9t-tmex-akfm
4
vulnerability VCID-gphr-qsyj-63gz
5
vulnerability VCID-h4xg-mvnj-fbd6
6
vulnerability VCID-nm7b-hwnd-eud6
7
vulnerability VCID-nwsq-gzra-v3b4
8
vulnerability VCID-zhwx-775r-t7fy
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@91.7.0-1
aliases CVE-2022-26387
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fn1d-vq36-mkeu
3
url VCID-s1bx-3697-jqeq
vulnerability_id VCID-s1bx-3697-jqeq
summary An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
5
reference_url https://security.archlinux.org/AVG-2713
reference_id AVG-2713
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2713
6
reference_url https://security.archlinux.org/AVG-2714
reference_id AVG-2714
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2714
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
reference_id mfsa2022-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
reference_id mfsa2022-11
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
reference_id mfsa2022-12
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
fixed_packages
0
url pkg:alpm/archlinux/thunderbird@91.7.0-1
purl pkg:alpm/archlinux/thunderbird@91.7.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qt5-w1we-67hp
1
vulnerability VCID-8sqq-nnpq-pkc2
2
vulnerability VCID-bv8a-p6r5-17cz
3
vulnerability VCID-du9t-tmex-akfm
4
vulnerability VCID-gphr-qsyj-63gz
5
vulnerability VCID-h4xg-mvnj-fbd6
6
vulnerability VCID-nm7b-hwnd-eud6
7
vulnerability VCID-nwsq-gzra-v3b4
8
vulnerability VCID-zhwx-775r-t7fy
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@91.7.0-1
aliases CVE-2022-26381
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s1bx-3697-jqeq
4
url VCID-vbwy-936q-27fd
vulnerability_id VCID-vbwy-936q-27fd
summary When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26381
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26383
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26384
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26386
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26387
5
reference_url https://security.archlinux.org/AVG-2713
reference_id AVG-2713
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2713
6
reference_url https://security.archlinux.org/AVG-2714
reference_id AVG-2714
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2714
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
reference_id mfsa2022-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-10
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
reference_id mfsa2022-11
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-11
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
reference_id mfsa2022-12
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-12
fixed_packages
0
url pkg:alpm/archlinux/thunderbird@91.7.0-1
purl pkg:alpm/archlinux/thunderbird@91.7.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3qt5-w1we-67hp
1
vulnerability VCID-8sqq-nnpq-pkc2
2
vulnerability VCID-bv8a-p6r5-17cz
3
vulnerability VCID-du9t-tmex-akfm
4
vulnerability VCID-gphr-qsyj-63gz
5
vulnerability VCID-h4xg-mvnj-fbd6
6
vulnerability VCID-nm7b-hwnd-eud6
7
vulnerability VCID-nwsq-gzra-v3b4
8
vulnerability VCID-zhwx-775r-t7fy
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@91.7.0-1
aliases CVE-2022-26383
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vbwy-936q-27fd
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@91.6.2-1