Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-c3hz-p1eg-cyev
Summary
Security researcher Mark Poticha reported an issue where
incorrect SSL certificate information can be displayed on the addressbar,
showing the SSL data for a previous site while another has been loaded. This is
caused by two onLocationChange events being fired out of the expected order,
leading to the displayed certificate data to not be updated. This can be used
for phishing attacks by allowing the user to input form or other data on a
newer, attacking, site while the credentials of an older site appear on the
addressbar.
Aliases
0
alias CVE-2012-3976
Fixed_packages
0
url pkg:mozilla/Firefox@15.0.0
purl pkg:mozilla/Firefox@15.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@15.0.0
1
url pkg:mozilla/Firefox%20ESR@10.0.7
purl pkg:mozilla/Firefox%20ESR@10.0.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@10.0.7
2
url pkg:mozilla/SeaMonkey@2.12.0
purl pkg:mozilla/SeaMonkey@2.12.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.12.0
Affected_packages
References
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3976
reference_id CVE-2012-3976
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3976
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-69
reference_id mfsa2012-69
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-69
Weaknesses
Exploits
Severity_range_score7.0 - 8.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-c3hz-p1eg-cyev