Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-xs6r-rhtz-xqed

Summary

Mozilla developer Ehsan Akhgari reported that a
function used to load external libraries on Windows platforms was
using a relative path to a DLL-loading application and was thus
vulnerable to binary planting if an attacker was able to place an
executable of the same name in the current working directory or any of
the other locations that Windows searches for executables.Dmitri Gribenko reported that the script used to
launch Mozilla applications on Linux was effectively including the
current working directory in the LD_LIBRARY_PATH
environment variable.  If an attacker was able to place into the
current working directory a malicious shared library with the same
name as a library that the bootstrapping script depends on the
attacker could have their library loaded instead of the legitimate
library.

Aliases

alias	CVE-2010-3182

Fixed_packages

Affected_packages

References

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3182
reference_id	CVE-2010-3182
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3182

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2010-71

reference_id

mfsa2010-71

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2010-71

Weaknesses

Exploits

Severity_range_score 9.0 - 10.0

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xs6r-rhtz-xqed

Vulnerability Instance