Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/nspr@4.8.6-1%2Bsqueeze3
Typedeb
Namespacedebian
Namenspr
Version4.8.6-1+squeeze3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2:4.12-1+debu8u1
Latest_non_vulnerable_version2:4.12-1+debu8u1
Affected_by_vulnerabilities
0
url VCID-2j41-vcxe-w3af
vulnerability_id VCID-2j41-vcxe-w3af
summary 
Security researcher Abhishek Arya (Inferno) of the Google
Chrome Security Team reported an out of bounds write in the 
Netscape 
Portable Runtime (NSPR) leading to a potentially exploitable crash or code
execution. This issue is fixed in NSPR version 4.10.6.
This NSPR flaw was not exposed to web content in any shipped version of Firefox.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1545
reference_id CVE-2014-1545
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1545
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2014-55
reference_id mfsa2014-55
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2014-55
fixed_packages
0
url pkg:deb/debian/nspr@2:4.9.2-1%2Bdeb7u3
purl pkg:deb/debian/nspr@2:4.9.2-1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2j41-vcxe-w3af
1
vulnerability VCID-2sem-6a6r-suem
2
vulnerability VCID-qqrz-4j53-d3b8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@2:4.9.2-1%252Bdeb7u3
1
url pkg:deb/debian/nspr@2:4.10.7-1
purl pkg:deb/debian/nspr@2:4.10.7-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sem-6a6r-suem
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@2:4.10.7-1
aliases CVE-2014-1545
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2j41-vcxe-w3af
1
url VCID-2sem-6a6r-suem
vulnerability_id VCID-2sem-6a6r-suem
summary 
Mozilla engineers Tyson Smith and David Keeler
reported a use-after-poison and buffer overflow in the ASN.1 decoder in Network Security
Services (NSS). These issues were in octet string parsing and were found through fuzzing
and code inspection. If these issues were triggered, they would lead to a potentially
exploitable crash. These issues were fixed in NSS version 3.19.2.1 and 3.19.4, shipped in
Firefox and Firefox ESR, respectively, as well as NSS 3.20.1.Google security engineer Ryan Sleevi reported an integer overflow in
the Netscape Portable Runtime (NSPR) due to a lack of checks during memory allocation.
This leads to a potentially exploitable crash. This issue is fixed in NSPR 4.10.10. The NSPR library is a required component of NSS.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183
reference_id CVE-2015-7183
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2015-133
reference_id mfsa2015-133
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2015-133
fixed_packages
0
url pkg:deb/debian/nspr@2:4.9.2-1%2Bdeb7u3
purl pkg:deb/debian/nspr@2:4.9.2-1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2j41-vcxe-w3af
1
vulnerability VCID-2sem-6a6r-suem
2
vulnerability VCID-qqrz-4j53-d3b8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@2:4.9.2-1%252Bdeb7u3
1
url pkg:deb/debian/nspr@2:4.12-1%2Bdebu8u1
purl pkg:deb/debian/nspr@2:4.12-1%2Bdebu8u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@2:4.12-1%252Bdebu8u1
aliases CVE-2015-7183
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2sem-6a6r-suem
2
url VCID-qqrz-4j53-d3b8
vulnerability_id VCID-qqrz-4j53-d3b8
summary 
Mozilla has updated the version of Network Security
Services (NSS) library used in Mozilla projects to NSS 3.15.3 with the
exception of ESR17-based releases, which have been updated to NSS 3.14.5. This
addresses several moderate to critical rated networking security issues.Google developer Andrew Tinits reported a potentially
exploitable buffer overflow that was fixed in both NSS 3.15.3 and NSS
3.14.5.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5607
reference_id CVE-2013-5607
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5607
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2013-103
reference_id mfsa2013-103
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2013-103
fixed_packages
0
url pkg:deb/debian/nspr@2:4.9.2-1%2Bdeb7u3
purl pkg:deb/debian/nspr@2:4.9.2-1%2Bdeb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2j41-vcxe-w3af
1
vulnerability VCID-2sem-6a6r-suem
2
vulnerability VCID-qqrz-4j53-d3b8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@2:4.9.2-1%252Bdeb7u3
1
url pkg:deb/debian/nspr@2:4.10.7-1
purl pkg:deb/debian/nspr@2:4.10.7-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2sem-6a6r-suem
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@2:4.10.7-1
aliases CVE-2013-5607
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qqrz-4j53-d3b8
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/nspr@4.8.6-1%252Bsqueeze3