Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-1~deb8u2
Typedeb
Namespacedebian
Namelibvorbisidec
Version1.0.2+svn18153-1~deb8u2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.2.1+git20180316-3
Latest_non_vulnerable_version1.2.1+git20180316-3
Affected_by_vulnerabilities
0
url VCID-dn6k-uzwy-8fbj
vulnerability_id VCID-dn6k-uzwy-8fbj
summary The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms.*Update: The 52.7.2 source release accidentally did not include this patch (the Mozilla-produced 52.7.2 binaries are fine). Anyone building 52.7.2 on ARM should use revision 5cd5586a2f48424a9031a3fa4c782954a9df9a52 instead of the released source.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5147
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5147
1
reference_url https://security.archlinux.org/AVG-659
reference_id AVG-659
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-659
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-08
reference_id mfsa2018-08
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-08
fixed_packages
0
url pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-1%2Bdeb9u1
purl pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dn6k-uzwy-8fbj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.0.2%252Bsvn18153-1%252Bdeb9u1
1
url pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-3
purl pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.2.1%252Bgit20180316-3
aliases CVE-2018-5147
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dn6k-uzwy-8fbj
Fixing_vulnerabilities
0
url VCID-dn6k-uzwy-8fbj
vulnerability_id VCID-dn6k-uzwy-8fbj
summary The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms.*Update: The 52.7.2 source release accidentally did not include this patch (the Mozilla-produced 52.7.2 binaries are fine). Anyone building 52.7.2 on ARM should use revision 5cd5586a2f48424a9031a3fa4c782954a9df9a52 instead of the released source.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5147
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5147
1
reference_url https://security.archlinux.org/AVG-659
reference_id AVG-659
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-659
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-08
reference_id mfsa2018-08
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-08
fixed_packages
0
url pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-1~deb8u2
purl pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-1~deb8u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dn6k-uzwy-8fbj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.0.2%252Bsvn18153-1~deb8u2
1
url pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-1%2Bdeb9u1
purl pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dn6k-uzwy-8fbj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.0.2%252Bsvn18153-1%252Bdeb9u1
2
url pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-3
purl pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.2.1%252Bgit20180316-3
aliases CVE-2018-5147
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dn6k-uzwy-8fbj
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.0.2%252Bsvn18153-1~deb8u2