Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-wcam-fcv5-j7h4
Summary
Security researcher Toni Huttunen reported that once the favicon is
requested from a site, the remote server can keep the favicon network connection open even
when the page is later closed. This allows a malicious site to continue to use this
channel to send requests to the browser, leading to potential information disclosure, such as tracking the user across multiple IP addresses as the user changes networks.
Aliases
0
alias CVE-2016-2830
Fixed_packages
0
url pkg:mozilla/Firefox@48.0.0
purl pkg:mozilla/Firefox@48.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@48.0.0
1
url pkg:mozilla/Firefox%20ESR@45.3.0
purl pkg:mozilla/Firefox%20ESR@45.3.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@45.3.0
Affected_packages
References
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2830
reference_id CVE-2016-2830
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2830
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-63
reference_id mfsa2016-63
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-63
Weaknesses
Exploits
Severity_range_score7.0 - 8.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-wcam-fcv5-j7h4