Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/firefox@76.0.1-1
Typealpm
Namespacearchlinux
Namefirefox
Version76.0.1-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version77.0-1
Latest_non_vulnerable_version101.0-1
Affected_by_vulnerabilities
0
url VCID-4qav-6sgf-1qfc
vulnerability_id VCID-4qav-6sgf-1qfc
summary Mozilla developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
5
reference_url https://security.archlinux.org/ASA-202006-1
reference_id ASA-202006-1
reference_type
scores
url https://security.archlinux.org/ASA-202006-1
6
reference_url https://security.archlinux.org/ASA-202006-4
reference_id ASA-202006-4
reference_type
scores
url https://security.archlinux.org/ASA-202006-4
7
reference_url https://security.archlinux.org/AVG-1173
reference_id AVG-1173
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1173
8
reference_url https://security.archlinux.org/AVG-1179
reference_id AVG-1179
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1179
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
reference_id mfsa2020-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-21
reference_id mfsa2020-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-21
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-22
reference_id mfsa2020-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-22
fixed_packages
0
url pkg:alpm/archlinux/firefox@77.0-1
purl pkg:alpm/archlinux/firefox@77.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@77.0-1
aliases CVE-2020-12406
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qav-6sgf-1qfc
1
url VCID-8rd2-145r-8uf5
vulnerability_id VCID-8rd2-145r-8uf5
summary When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar.
references
0
reference_url https://security.archlinux.org/ASA-202006-1
reference_id ASA-202006-1
reference_type
scores
url https://security.archlinux.org/ASA-202006-1
1
reference_url https://security.archlinux.org/AVG-1173
reference_id AVG-1173
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1173
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
reference_id mfsa2020-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
fixed_packages
0
url pkg:alpm/archlinux/firefox@77.0-1
purl pkg:alpm/archlinux/firefox@77.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@77.0-1
aliases CVE-2020-12408
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8rd2-145r-8uf5
2
url VCID-bhx1-4c5t-nfbd
vulnerability_id VCID-bhx1-4c5t-nfbd
summary Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content.
references
0
reference_url https://security.archlinux.org/ASA-202006-1
reference_id ASA-202006-1
reference_type
scores
url https://security.archlinux.org/ASA-202006-1
1
reference_url https://security.archlinux.org/AVG-1173
reference_id AVG-1173
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1173
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
reference_id mfsa2020-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
fixed_packages
0
url pkg:alpm/archlinux/firefox@77.0-1
purl pkg:alpm/archlinux/firefox@77.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@77.0-1
aliases CVE-2020-12407
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bhx1-4c5t-nfbd
3
url VCID-kzju-7twc-fya8
vulnerability_id VCID-kzju-7twc-fya8
summary NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
8
reference_url https://security.archlinux.org/ASA-202006-1
reference_id ASA-202006-1
reference_type
scores
url https://security.archlinux.org/ASA-202006-1
9
reference_url https://security.archlinux.org/ASA-202006-4
reference_id ASA-202006-4
reference_type
scores
url https://security.archlinux.org/ASA-202006-4
10
reference_url https://security.archlinux.org/AVG-1173
reference_id AVG-1173
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1173
11
reference_url https://security.archlinux.org/AVG-1179
reference_id AVG-1179
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1179
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
reference_id mfsa2020-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-21
reference_id mfsa2020-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-21
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-22
reference_id mfsa2020-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-22
fixed_packages
0
url pkg:alpm/archlinux/firefox@77.0-1
purl pkg:alpm/archlinux/firefox@77.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@77.0-1
aliases CVE-2020-12399
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kzju-7twc-fya8
4
url VCID-qkma-a8c1-2kaa
vulnerability_id VCID-qkma-a8c1-2kaa
summary When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL.
references
0
reference_url https://security.archlinux.org/ASA-202006-1
reference_id ASA-202006-1
reference_type
scores
url https://security.archlinux.org/ASA-202006-1
1
reference_url https://security.archlinux.org/AVG-1173
reference_id AVG-1173
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1173
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
reference_id mfsa2020-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
fixed_packages
0
url pkg:alpm/archlinux/firefox@77.0-1
purl pkg:alpm/archlinux/firefox@77.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@77.0-1
aliases CVE-2020-12409
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qkma-a8c1-2kaa
5
url VCID-u3t9-ty7y-vkb8
vulnerability_id VCID-u3t9-ty7y-vkb8
summary When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
5
reference_url https://security.archlinux.org/ASA-202006-1
reference_id ASA-202006-1
reference_type
scores
url https://security.archlinux.org/ASA-202006-1
6
reference_url https://security.archlinux.org/ASA-202006-4
reference_id ASA-202006-4
reference_type
scores
url https://security.archlinux.org/ASA-202006-4
7
reference_url https://security.archlinux.org/AVG-1173
reference_id AVG-1173
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1173
8
reference_url https://security.archlinux.org/AVG-1179
reference_id AVG-1179
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1179
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
reference_id mfsa2020-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-21
reference_id mfsa2020-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-21
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-22
reference_id mfsa2020-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-22
fixed_packages
0
url pkg:alpm/archlinux/firefox@77.0-1
purl pkg:alpm/archlinux/firefox@77.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@77.0-1
aliases CVE-2020-12405
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u3t9-ty7y-vkb8
6
url VCID-xcz4-bmu6-kfe2
vulnerability_id VCID-xcz4-bmu6-kfe2
summary Mozilla developers Tom Tung and Karl Tomlinson reported memory safety bugs present in Firefox 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
5
reference_url https://security.archlinux.org/ASA-202006-1
reference_id ASA-202006-1
reference_type
scores
url https://security.archlinux.org/ASA-202006-1
6
reference_url https://security.archlinux.org/ASA-202006-4
reference_id ASA-202006-4
reference_type
scores
url https://security.archlinux.org/ASA-202006-4
7
reference_url https://security.archlinux.org/AVG-1173
reference_id AVG-1173
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1173
8
reference_url https://security.archlinux.org/AVG-1179
reference_id AVG-1179
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1179
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
reference_id mfsa2020-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-21
reference_id mfsa2020-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-21
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-22
reference_id mfsa2020-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-22
fixed_packages
0
url pkg:alpm/archlinux/firefox@77.0-1
purl pkg:alpm/archlinux/firefox@77.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@77.0-1
aliases CVE-2020-12410
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xcz4-bmu6-kfe2
7
url VCID-zubq-2vj3-zycc
vulnerability_id VCID-zubq-2vj3-zycc
summary Mozilla developers :Gijs (he/him), Randell Jesup reported memory safety bugs present in Firefox 76. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://security.archlinux.org/ASA-202006-1
reference_id ASA-202006-1
reference_type
scores
url https://security.archlinux.org/ASA-202006-1
1
reference_url https://security.archlinux.org/AVG-1173
reference_id AVG-1173
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1173
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
reference_id mfsa2020-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
fixed_packages
0
url pkg:alpm/archlinux/firefox@77.0-1
purl pkg:alpm/archlinux/firefox@77.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@77.0-1
aliases CVE-2020-12411
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zubq-2vj3-zycc
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@76.0.1-1