Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-c3dt-fgub-cbb5

Summary

Mozilla developer Matthew Noorenberghe reported that
whitelisted Mozilla domains could make UITour API calls while the
UI Tour pages for Firefox are present in background tabs. If one of these
Mozilla domains was compromised and open in another tab, an attacker could then
use that tab to engage in spoofing and clickjacking in any foreground tab.

Aliases

alias	CVE-2015-0819

Fixed_packages

url	pkg:mozilla/Firefox@36.0.0
purl	pkg:mozilla/Firefox@36.0.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@36.0.0

Affected_packages

References

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0819
reference_id	CVE-2015-0819
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0819

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-26

reference_id

mfsa2015-26

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-26

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c3dt-fgub-cbb5

Vulnerability Instance