Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-exe4-822w-1ug5

Summary The instanceof operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element.

Aliases

alias	CVE-2017-7820

Fixed_packages

Affected_packages

References

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

reference_id

mfsa2017-21

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-21

Weaknesses

Exploits

Severity_range_score 9.0 - 10.0

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-exe4-822w-1ug5

Vulnerability Instance