Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-tfrg-nmxp-hbgm
Summary
Masatoshi Kimura reports that the Unicode Byte-order-Mark (BOM) is
stripped from UTF-8 pages during the conversion to Unicode before
the parser sees the web page. As a result the parser will see and
process script tags that web input sanitizers may miss
because they appear as "scr[BOM]ipt" or similar in the comment code
on the web site.Although Firefox 1.5.0.4 and later will be fixed and no longer
accept such script tags, web sites will continue to be visited by
older versions of Firefox and Mozilla browsers. Web sites can protect
themselves by explicitly setting the character encoding to something other
than UTF-8, or by adding the Unicode byte-order marks to the repertoire
of the site's input sanitizer.Thunderbird shares the browser engine with Firefox
and could be vulnerable if JavaScript were to be enabled in mail. This is not
the default setting and we strongly discourage users from running
JavaScript in mail.
Aliases
0
alias CVE-2006-2783
Fixed_packages
0
url pkg:deb/debian/firefox@1.5.dfsg%2B1.5.0.4-1?distro=sid
purl pkg:deb/debian/firefox@1.5.dfsg%2B1.5.0.4-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@1.5.dfsg%252B1.5.0.4-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@151.0.3-1?distro=sid
purl pkg:deb/debian/firefox@151.0.3-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@151.0.3-1%3Fdistro=sid
2
url pkg:deb/debian/thunderbird@1.5.0.4-1?distro=trixie
purl pkg:deb/debian/thunderbird@1.5.0.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1.5.0.4-1%3Fdistro=trixie
3
url pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie
purl pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie
4
url pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie
5
url pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie
6
url pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie
7
url pkg:ebuild/mail-client/mozilla-thunderbird@1.5.0.4
purl pkg:ebuild/mail-client/mozilla-thunderbird@1.5.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/mozilla-thunderbird@1.5.0.4
8
url pkg:ebuild/mail-client/mozilla-thunderbird-bin@1.5.0.4
purl pkg:ebuild/mail-client/mozilla-thunderbird-bin@1.5.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/mozilla-thunderbird-bin@1.5.0.4
9
url pkg:ebuild/www-client/mozilla-firefox@1.5.0.4
purl pkg:ebuild/www-client/mozilla-firefox@1.5.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/mozilla-firefox@1.5.0.4
10
url pkg:ebuild/www-client/mozilla-firefox-bin@1.5.0.4
purl pkg:ebuild/www-client/mozilla-firefox-bin@1.5.0.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/mozilla-firefox-bin@1.5.0.4
11
url pkg:mozilla/SeaMonkey@1.0.2
purl pkg:mozilla/SeaMonkey@1.0.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.0.2
Affected_packages
0
url pkg:rpm/redhat/devhelp@0.10-0.2?arch=el4
purl pkg:rpm/redhat/devhelp@0.10-0.2?arch=el4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z22-5u43-97e6
1
vulnerability VCID-1zwd-2vsk-5kc2
2
vulnerability VCID-2egp-8q15-1ye6
3
vulnerability VCID-3uay-6bec-z3gf
4
vulnerability VCID-4he8-m5u6-kkd8
5
vulnerability VCID-57pc-k4v4-wyfn
6
vulnerability VCID-5e6q-3jug-8bbh
7
vulnerability VCID-75qe-svtv-kfed
8
vulnerability VCID-7a6f-9rfy-fyfu
9
vulnerability VCID-apk5-ufe8-27e5
10
vulnerability VCID-bk2p-yexf-qbdx
11
vulnerability VCID-cj75-txj2-4fbx
12
vulnerability VCID-d2g6-8sfq-wygt
13
vulnerability VCID-f4hn-a1c3-9fea
14
vulnerability VCID-jh4v-r9d7-yug4
15
vulnerability VCID-jmr2-fjtx-xufk
16
vulnerability VCID-pjdf-yf3g-cydn
17
vulnerability VCID-puyd-54pf-mkd5
18
vulnerability VCID-qft4-xrfb-wyh8
19
vulnerability VCID-rdb6-pks2-9qe9
20
vulnerability VCID-rr2q-d8a3-3yc2
21
vulnerability VCID-t3kn-qbsv-rfht
22
vulnerability VCID-tfrg-nmxp-hbgm
23
vulnerability VCID-tmp3-vdh2-d7eu
24
vulnerability VCID-wf4j-e15v-zuau
25
vulnerability VCID-x41m-aspw-53gp
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/devhelp@0.10-0.2%3Farch=el4
1
url pkg:rpm/redhat/firefox@1.5.0.5-0.el4?arch=1
purl pkg:rpm/redhat/firefox@1.5.0.5-0.el4?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z22-5u43-97e6
1
vulnerability VCID-1zwd-2vsk-5kc2
2
vulnerability VCID-2egp-8q15-1ye6
3
vulnerability VCID-3uay-6bec-z3gf
4
vulnerability VCID-4he8-m5u6-kkd8
5
vulnerability VCID-57pc-k4v4-wyfn
6
vulnerability VCID-5e6q-3jug-8bbh
7
vulnerability VCID-75qe-svtv-kfed
8
vulnerability VCID-7a6f-9rfy-fyfu
9
vulnerability VCID-apk5-ufe8-27e5
10
vulnerability VCID-bk2p-yexf-qbdx
11
vulnerability VCID-cj75-txj2-4fbx
12
vulnerability VCID-d2g6-8sfq-wygt
13
vulnerability VCID-f4hn-a1c3-9fea
14
vulnerability VCID-jh4v-r9d7-yug4
15
vulnerability VCID-jmr2-fjtx-xufk
16
vulnerability VCID-pjdf-yf3g-cydn
17
vulnerability VCID-puyd-54pf-mkd5
18
vulnerability VCID-qft4-xrfb-wyh8
19
vulnerability VCID-rr2q-d8a3-3yc2
20
vulnerability VCID-t3kn-qbsv-rfht
21
vulnerability VCID-tfrg-nmxp-hbgm
22
vulnerability VCID-tmp3-vdh2-d7eu
23
vulnerability VCID-x41m-aspw-53gp
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@1.5.0.5-0.el4%3Farch=1
2
url pkg:rpm/redhat/seamonkey@1.0.2-0.1.0?arch=EL3
purl pkg:rpm/redhat/seamonkey@1.0.2-0.1.0?arch=EL3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3uay-6bec-z3gf
1
vulnerability VCID-4he8-m5u6-kkd8
2
vulnerability VCID-5e6q-3jug-8bbh
3
vulnerability VCID-75qe-svtv-kfed
4
vulnerability VCID-d2g6-8sfq-wygt
5
vulnerability VCID-jmr2-fjtx-xufk
6
vulnerability VCID-puyd-54pf-mkd5
7
vulnerability VCID-rdb6-pks2-9qe9
8
vulnerability VCID-t3kn-qbsv-rfht
9
vulnerability VCID-tfrg-nmxp-hbgm
10
vulnerability VCID-tmp3-vdh2-d7eu
11
vulnerability VCID-x41m-aspw-53gp
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.2-0.1.0%3Farch=EL3
3
url pkg:rpm/redhat/seamonkey@1.0.3-0.el4?arch=1
purl pkg:rpm/redhat/seamonkey@1.0.3-0.el4?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z22-5u43-97e6
1
vulnerability VCID-1zwd-2vsk-5kc2
2
vulnerability VCID-2egp-8q15-1ye6
3
vulnerability VCID-3uay-6bec-z3gf
4
vulnerability VCID-4he8-m5u6-kkd8
5
vulnerability VCID-57pc-k4v4-wyfn
6
vulnerability VCID-5e6q-3jug-8bbh
7
vulnerability VCID-75qe-svtv-kfed
8
vulnerability VCID-7a6f-9rfy-fyfu
9
vulnerability VCID-apk5-ufe8-27e5
10
vulnerability VCID-bk2p-yexf-qbdx
11
vulnerability VCID-cj75-txj2-4fbx
12
vulnerability VCID-d2g6-8sfq-wygt
13
vulnerability VCID-f4hn-a1c3-9fea
14
vulnerability VCID-jh4v-r9d7-yug4
15
vulnerability VCID-jmr2-fjtx-xufk
16
vulnerability VCID-pjdf-yf3g-cydn
17
vulnerability VCID-puyd-54pf-mkd5
18
vulnerability VCID-qft4-xrfb-wyh8
19
vulnerability VCID-rdb6-pks2-9qe9
20
vulnerability VCID-rr2q-d8a3-3yc2
21
vulnerability VCID-t3kn-qbsv-rfht
22
vulnerability VCID-tfrg-nmxp-hbgm
23
vulnerability VCID-tmp3-vdh2-d7eu
24
vulnerability VCID-wf4j-e15v-zuau
25
vulnerability VCID-x41m-aspw-53gp
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.3-0.el4%3Farch=1
4
url pkg:rpm/redhat/thunderbird@1.5.0.5-0.el4?arch=1
purl pkg:rpm/redhat/thunderbird@1.5.0.5-0.el4?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1z22-5u43-97e6
1
vulnerability VCID-1zwd-2vsk-5kc2
2
vulnerability VCID-2egp-8q15-1ye6
3
vulnerability VCID-3uay-6bec-z3gf
4
vulnerability VCID-4he8-m5u6-kkd8
5
vulnerability VCID-5e6q-3jug-8bbh
6
vulnerability VCID-75qe-svtv-kfed
7
vulnerability VCID-7a6f-9rfy-fyfu
8
vulnerability VCID-apk5-ufe8-27e5
9
vulnerability VCID-bk2p-yexf-qbdx
10
vulnerability VCID-cj75-txj2-4fbx
11
vulnerability VCID-d2g6-8sfq-wygt
12
vulnerability VCID-f4hn-a1c3-9fea
13
vulnerability VCID-jh4v-r9d7-yug4
14
vulnerability VCID-jmr2-fjtx-xufk
15
vulnerability VCID-pjdf-yf3g-cydn
16
vulnerability VCID-puyd-54pf-mkd5
17
vulnerability VCID-qft4-xrfb-wyh8
18
vulnerability VCID-rdb6-pks2-9qe9
19
vulnerability VCID-rr2q-d8a3-3yc2
20
vulnerability VCID-t3kn-qbsv-rfht
21
vulnerability VCID-tfrg-nmxp-hbgm
22
vulnerability VCID-tmp3-vdh2-d7eu
23
vulnerability VCID-wf4j-e15v-zuau
24
vulnerability VCID-x41m-aspw-53gp
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@1.5.0.5-0.el4%3Farch=1
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2783.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2783.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-2783
reference_id
reference_type
scores
0
value 0.04975
scoring_system epss
scoring_elements 0.89862
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-2783
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1618117
reference_id 1618117
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1618117
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2783
reference_id CVE-2006-2783
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2783
4
reference_url https://security.gentoo.org/glsa/200606-12
reference_id GLSA-200606-12
reference_type
scores
url https://security.gentoo.org/glsa/200606-12
5
reference_url https://security.gentoo.org/glsa/200606-21
reference_id GLSA-200606-21
reference_type
scores
url https://security.gentoo.org/glsa/200606-21
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2006-42
reference_id mfsa2006-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2006-42
7
reference_url https://access.redhat.com/errata/RHSA-2006:0578
reference_id RHSA-2006:0578
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0578
8
reference_url https://access.redhat.com/errata/RHSA-2006:0594
reference_id RHSA-2006:0594
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0594
9
reference_url https://access.redhat.com/errata/RHSA-2006:0609
reference_id RHSA-2006:0609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0609
10
reference_url https://access.redhat.com/errata/RHSA-2006:0610
reference_id RHSA-2006:0610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0610
11
reference_url https://access.redhat.com/errata/RHSA-2006:0611
reference_id RHSA-2006:0611
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0611
Weaknesses
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-tfrg-nmxp-hbgm