Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/firefox@88.0.1-1
Typealpm
Namespacearchlinux
Namefirefox
Version88.0.1-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version89.0.1-1
Latest_non_vulnerable_version101.0-1
Affected_by_vulnerabilities
0
url VCID-cmv4-drz9-f7gw
vulnerability_id VCID-cmv4-drz9-f7gw
summary 
Firefox for Android would become unstable and hard-to-recover when a website opened too many popups.
*This bug only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://security.archlinux.org/AVG-2019
reference_id AVG-2019
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2019
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
reference_id mfsa2021-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
fixed_packages
0
url pkg:alpm/archlinux/firefox@89.0-1
purl pkg:alpm/archlinux/firefox@89.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qc4b-24x7-77eq
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@89.0-1
aliases CVE-2021-29962
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cmv4-drz9-f7gw
1
url VCID-jhvk-fysh-dfhe
vulnerability_id VCID-jhvk-fysh-dfhe
summary When styling and rendering an oversized `<select>` element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface.
references
0
reference_url https://security.archlinux.org/ASA-202106-3
reference_id ASA-202106-3
reference_type
scores
url https://security.archlinux.org/ASA-202106-3
1
reference_url https://security.archlinux.org/AVG-2018
reference_id AVG-2018
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2018
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
reference_id mfsa2021-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
fixed_packages
0
url pkg:alpm/archlinux/firefox@89.0-1
purl pkg:alpm/archlinux/firefox@89.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qc4b-24x7-77eq
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@89.0-1
aliases CVE-2021-29961
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jhvk-fysh-dfhe
2
url VCID-jmp4-ng3z-63fj
vulnerability_id VCID-jmp4-ng3z-63fj
summary 
Address bar search suggestions in private browsing mode were re-using session data from normal mode.
*This bug only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://security.archlinux.org/AVG-2019
reference_id AVG-2019
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2019
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
reference_id mfsa2021-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
fixed_packages
0
url pkg:alpm/archlinux/firefox@89.0-1
purl pkg:alpm/archlinux/firefox@89.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qc4b-24x7-77eq
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@89.0-1
aliases CVE-2021-29963
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jmp4-ng3z-63fj
3
url VCID-maga-jq3w-1bfk
vulnerability_id VCID-maga-jq3w-1bfk
summary Mozilla developers Gabriele Svelto, Anny Gakhokidze, Alexandru Michis, Christian Holler reported memory safety bugs present in Firefox 88 and Firefox ESR 78.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29956
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29957
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967
3
reference_url https://security.archlinux.org/ASA-202106-22
reference_id ASA-202106-22
reference_type
scores
url https://security.archlinux.org/ASA-202106-22
4
reference_url https://security.archlinux.org/ASA-202106-3
reference_id ASA-202106-3
reference_type
scores
url https://security.archlinux.org/ASA-202106-3
5
reference_url https://security.archlinux.org/AVG-2018
reference_id AVG-2018
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2018
6
reference_url https://security.archlinux.org/AVG-2035
reference_id AVG-2035
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2035
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
reference_id mfsa2021-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-24
reference_id mfsa2021-24
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-24
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-26
reference_id mfsa2021-26
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-26
fixed_packages
0
url pkg:alpm/archlinux/firefox@89.0-1
purl pkg:alpm/archlinux/firefox@89.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qc4b-24x7-77eq
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@89.0-1
aliases CVE-2021-29967
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-maga-jq3w-1bfk
4
url VCID-rkmm-7vbf-vych
vulnerability_id VCID-rkmm-7vbf-vych
summary 
A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would processing incorrectly, leading to an out-of-bounds read.
*This bug only affects Firefox on Windows. Other operating systems are unaffected.*
references
0
reference_url https://security.archlinux.org/AVG-2019
reference_id AVG-2019
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2019
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
reference_id mfsa2021-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-24
reference_id mfsa2021-24
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-24
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-26
reference_id mfsa2021-26
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-26
fixed_packages
0
url pkg:alpm/archlinux/firefox@89.0-1
purl pkg:alpm/archlinux/firefox@89.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qc4b-24x7-77eq
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@89.0-1
aliases CVE-2021-29964
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rkmm-7vbf-vych
5
url VCID-spde-234b-t3ac
vulnerability_id VCID-spde-234b-t3ac
summary 
When a user has already allowed a website to access microphone and camera, disabling camera sharing would not fully prevent the website from re-enabling it without an additional prompt.
This was only possible if the website kept recording with the microphone until re-enabling the camera.
references
0
reference_url https://security.archlinux.org/ASA-202106-3
reference_id ASA-202106-3
reference_type
scores
url https://security.archlinux.org/ASA-202106-3
1
reference_url https://security.archlinux.org/AVG-2018
reference_id AVG-2018
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2018
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
reference_id mfsa2021-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
fixed_packages
0
url pkg:alpm/archlinux/firefox@89.0-1
purl pkg:alpm/archlinux/firefox@89.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qc4b-24x7-77eq
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@89.0-1
aliases CVE-2021-29959
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-spde-234b-t3ac
6
url VCID-tuzz-quet-97eq
vulnerability_id VCID-tuzz-quet-97eq
summary 
Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title.
The caching and suggestion techniques combined may have lead to the title of a website visited during private browsing mode being stored on disk.
references
0
reference_url https://security.archlinux.org/ASA-202106-3
reference_id ASA-202106-3
reference_type
scores
url https://security.archlinux.org/ASA-202106-3
1
reference_url https://security.archlinux.org/AVG-2018
reference_id AVG-2018
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2018
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
reference_id mfsa2021-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
fixed_packages
0
url pkg:alpm/archlinux/firefox@89.0-1
purl pkg:alpm/archlinux/firefox@89.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qc4b-24x7-77eq
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@89.0-1
aliases CVE-2021-29960
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tuzz-quet-97eq
7
url VCID-v576-hwvf-tfa7
vulnerability_id VCID-v576-hwvf-tfa7
summary 
A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that triggered the dialog.
*This bug only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://security.archlinux.org/AVG-2019
reference_id AVG-2019
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2019
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
reference_id mfsa2021-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
fixed_packages
0
url pkg:alpm/archlinux/firefox@89.0-1
purl pkg:alpm/archlinux/firefox@89.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qc4b-24x7-77eq
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@89.0-1
aliases CVE-2021-29965
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v576-hwvf-tfa7
8
url VCID-vcky-7nap-tybf
vulnerability_id VCID-vcky-7nap-tybf
summary Mozilla developers Christian Holler, Tooru Fujisawa, Tyson Smith reported memory safety bugs present in Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://security.archlinux.org/ASA-202106-3
reference_id ASA-202106-3
reference_type
scores
url https://security.archlinux.org/ASA-202106-3
1
reference_url https://security.archlinux.org/AVG-2018
reference_id AVG-2018
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2018
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
reference_id mfsa2021-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
fixed_packages
0
url pkg:alpm/archlinux/firefox@89.0-1
purl pkg:alpm/archlinux/firefox@89.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qc4b-24x7-77eq
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@89.0-1
aliases CVE-2021-29966
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vcky-7nap-tybf
Fixing_vulnerabilities
0
url VCID-qpcc-4pq3-vud1
vulnerability_id VCID-qpcc-4pq3-vud1
summary When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code.
references
0
reference_url https://security.archlinux.org/ASA-202105-5
reference_id ASA-202105-5
reference_type
scores
url https://security.archlinux.org/ASA-202105-5
1
reference_url https://security.archlinux.org/AVG-1917
reference_id AVG-1917
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1917
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-20
reference_id mfsa2021-20
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-20
fixed_packages
0
url pkg:alpm/archlinux/firefox@88.0.1-1
purl pkg:alpm/archlinux/firefox@88.0.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cmv4-drz9-f7gw
1
vulnerability VCID-jhvk-fysh-dfhe
2
vulnerability VCID-jmp4-ng3z-63fj
3
vulnerability VCID-maga-jq3w-1bfk
4
vulnerability VCID-rkmm-7vbf-vych
5
vulnerability VCID-spde-234b-t3ac
6
vulnerability VCID-tuzz-quet-97eq
7
vulnerability VCID-v576-hwvf-tfa7
8
vulnerability VCID-vcky-7nap-tybf
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0.1-1
aliases CVE-2021-29952
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpcc-4pq3-vud1
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0.1-1