Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-qu47-gy34-3fhf
Summary
Mozilla security researcher moz_bug_r_a4 reported
that the XPCOM utility XPCVariant::VariantDataToJS
unwrapped doubly-wrapped objects before returning them to chrome
callers.  This could result in chrome privileged code calling methods
on an object which had previously been created or modified by web
content, potentially executing malicious JavaScript code with chrome
privileges.
Aliases
0
alias CVE-2009-3374
Fixed_packages
0
url pkg:mozilla/Firefox@3.0.15
purl pkg:mozilla/Firefox@3.0.15
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.15
1
url pkg:mozilla/Firefox@3.5.4
purl pkg:mozilla/Firefox@3.5.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.4
Affected_packages
References
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3374
reference_id CVE-2009-3374
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3374
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2009-57
reference_id mfsa2009-57
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2009-57
Weaknesses
Exploits
Severity_range_score9.0 - 10.0
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-qu47-gy34-3fhf