Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-7bpy-jqqd-akej
SummaryIf an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security Policy applied to the XML document.
Aliases
0
alias CVE-2019-17020
Fixed_packages
0
url pkg:alpm/archlinux/firefox@72.0-1
purl pkg:alpm/archlinux/firefox@72.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a4ec-zcat-8far
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@72.0-1
Affected_packages
0
url pkg:alpm/archlinux/firefox@71.0-1
purl pkg:alpm/archlinux/firefox@71.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7bpy-jqqd-akej
1
vulnerability VCID-9hh5-pzwd-g3bc
2
vulnerability VCID-bw2w-68hs-3bcd
3
vulnerability VCID-dng7-9qkz-fbar
4
vulnerability VCID-nw5y-qanq-xfes
5
vulnerability VCID-sp2m-d2rd-nfb6
6
vulnerability VCID-wqzh-h6mn-f3b8
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@71.0-1
References
0
reference_url https://security.archlinux.org/ASA-202001-1
reference_id ASA-202001-1
reference_type
scores
url https://security.archlinux.org/ASA-202001-1
1
reference_url https://security.archlinux.org/AVG-1084
reference_id AVG-1084
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1084
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-01
reference_id mfsa2020-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-01
Weaknesses
Exploits
Severity_range_score7.0 - 10.0
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-7bpy-jqqd-akej