Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:alpm/archlinux/firefox@87.0-2

Type alpm

Namespace archlinux

Name firefox

Version 87.0-2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 89.0.1-1

Latest_non_vulnerable_version 101.0-1

Affected_by_vulnerabilities

url VCID-5fw4-9nf9-h3d7

vulnerability_id VCID-5fw4-9nf9-h3d7

summary A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_id

mfsa2021-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url pkg:alpm/archlinux/firefox@88.0-1

purl pkg:alpm/archlinux/firefox@88.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qpcc-4pq3-vud1

vulnerability	VCID-z1sm-aubn-afcb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1

aliases CVE-2021-23994

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5fw4-9nf9-h3d7

url VCID-64a3-rmee-qfb1

vulnerability_id VCID-64a3-rmee-qfb1

summary A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements (such as <input type="file">) this could have led to an attack where a user was confused about the origin of the webpage and potentially disclosed information they did not intend to.

references

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url pkg:alpm/archlinux/firefox@88.0-1

purl pkg:alpm/archlinux/firefox@88.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qpcc-4pq3-vud1

vulnerability	VCID-z1sm-aubn-afcb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1

aliases CVE-2021-24000

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-64a3-rmee-qfb1

url VCID-6ukw-38xv-huc2

vulnerability_id VCID-6ukw-38xv-huc2

summary By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user.

references

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url pkg:alpm/archlinux/firefox@88.0-1

purl pkg:alpm/archlinux/firefox@88.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qpcc-4pq3-vud1

vulnerability	VCID-z1sm-aubn-afcb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1

aliases CVE-2021-23996

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ukw-38xv-huc2

url VCID-7ex1-ufcv-5yg8

vulnerability_id VCID-7ex1-ufcv-5yg8

summary If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_id

mfsa2021-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url pkg:alpm/archlinux/firefox@88.0-1

purl pkg:alpm/archlinux/firefox@88.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qpcc-4pq3-vud1

vulnerability	VCID-z1sm-aubn-afcb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1

aliases CVE-2021-23999

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ex1-ufcv-5yg8

url VCID-7nqh-truu-7khb

vulnerability_id VCID-7nqh-truu-7khb

summary Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_id

mfsa2021-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url pkg:alpm/archlinux/firefox@88.0-1

purl pkg:alpm/archlinux/firefox@88.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qpcc-4pq3-vud1

vulnerability	VCID-z1sm-aubn-afcb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1

aliases CVE-2021-29946

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7nqh-truu-7khb

url VCID-7s86-8m73-wkax

vulnerability_id VCID-7s86-8m73-wkax

summary A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations.

references

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url pkg:alpm/archlinux/firefox@88.0-1

purl pkg:alpm/archlinux/firefox@88.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qpcc-4pq3-vud1

vulnerability	VCID-z1sm-aubn-afcb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1

aliases CVE-2021-24001

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7s86-8m73-wkax

url VCID-bdcn-ak2b-1qbv

vulnerability_id VCID-bdcn-ak2b-1qbv

summary Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code.

references

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url pkg:alpm/archlinux/firefox@88.0-1

purl pkg:alpm/archlinux/firefox@88.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qpcc-4pq3-vud1

vulnerability	VCID-z1sm-aubn-afcb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1

aliases CVE-2021-23997

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bdcn-ak2b-1qbv

url VCID-fhb3-5sbs-s7cq

vulnerability_id VCID-fhb3-5sbs-s7cq

summary When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_id

mfsa2021-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url pkg:alpm/archlinux/firefox@88.0-1

purl pkg:alpm/archlinux/firefox@88.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qpcc-4pq3-vud1

vulnerability	VCID-z1sm-aubn-afcb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1

aliases CVE-2021-23995

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fhb3-5sbs-s7cq

url VCID-ppcj-1ng5-53hq

vulnerability_id VCID-ppcj-1ng5-53hq

summary When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_id

mfsa2021-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url pkg:alpm/archlinux/firefox@88.0-1

purl pkg:alpm/archlinux/firefox@88.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qpcc-4pq3-vud1

vulnerability	VCID-z1sm-aubn-afcb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1

aliases CVE-2021-24002

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ppcj-1ng5-53hq

url VCID-xae7-bcs3-x7b1

vulnerability_id VCID-xae7-bcs3-x7b1

summary Mozilla developers and community members Ryan VanderMeulen, Sean Feng, Tyson Smith, Julian Seward, Christian Holler reported memory safety bugs present in Firefox 87. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url pkg:alpm/archlinux/firefox@88.0-1

purl pkg:alpm/archlinux/firefox@88.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qpcc-4pq3-vud1

vulnerability	VCID-z1sm-aubn-afcb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1

aliases CVE-2021-29947

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xae7-bcs3-x7b1

url VCID-zjej-aua1-abbc

vulnerability_id VCID-zjej-aua1-abbc

summary Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page.

references

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23993

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29949

reference_url	https://security.archlinux.org/ASA-202104-3
reference_id	ASA-202104-3
reference_type
scores
url	https://security.archlinux.org/ASA-202104-3

reference_url	https://security.archlinux.org/ASA-202104-4
reference_id	ASA-202104-4
reference_type
scores
url	https://security.archlinux.org/ASA-202104-4

reference_url

https://security.archlinux.org/AVG-1834

reference_id

AVG-1834

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1834

reference_url

https://security.archlinux.org/AVG-1836

reference_id

AVG-1836

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1836

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_id

mfsa2021-14

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_id

mfsa2021-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

reference_id

mfsa2021-16

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-16

fixed_packages

url pkg:alpm/archlinux/firefox@88.0-1

purl pkg:alpm/archlinux/firefox@88.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qpcc-4pq3-vud1

vulnerability	VCID-z1sm-aubn-afcb

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@88.0-1

aliases CVE-2021-23998

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zjej-aua1-abbc

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@87.0-2

Package Instance