Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-rwu8-zz41-1kav
SummaryWeak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes. *Note: This issue only affects Firefox for Android. Other operating systems are not affected.*
Aliases
0
alias CVE-2017-5392
Fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5392
reference_id
reference_type
scores
0
value 0.01847
scoring_system epss
scoring_elements 0.83024
published_at 2026-04-21T12:55:00Z
1
value 0.01847
scoring_system epss
scoring_elements 0.82917
published_at 2026-04-01T12:55:00Z
2
value 0.01847
scoring_system epss
scoring_elements 0.82985
published_at 2026-04-12T12:55:00Z
3
value 0.01847
scoring_system epss
scoring_elements 0.82981
published_at 2026-04-13T12:55:00Z
4
value 0.01847
scoring_system epss
scoring_elements 0.8302
published_at 2026-04-18T12:55:00Z
5
value 0.01847
scoring_system epss
scoring_elements 0.82934
published_at 2026-04-02T12:55:00Z
6
value 0.01847
scoring_system epss
scoring_elements 0.82946
published_at 2026-04-04T12:55:00Z
7
value 0.01847
scoring_system epss
scoring_elements 0.82943
published_at 2026-04-07T12:55:00Z
8
value 0.01847
scoring_system epss
scoring_elements 0.82968
published_at 2026-04-08T12:55:00Z
9
value 0.01847
scoring_system epss
scoring_elements 0.82975
published_at 2026-04-09T12:55:00Z
10
value 0.01847
scoring_system epss
scoring_elements 0.82991
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5392
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1293709
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1293709
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5392
reference_id CVE-2017-5392
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5392
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
Weaknesses
0
cwe_id 119
name Improper Restriction of Operations within the Bounds of a Memory Buffer
description The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
Exploits
Severity_range_score7.5 - 10.0
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-rwu8-zz41-1kav