Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-wp86-tmxj-nfer
SummaryIn 32-bit versions of Firefox, the Adobe Flash plugin setting for "Enable Adobe Flash protected mode" is unchecked by default even though the Adobe Flash sandbox is actually enabled. The displayed state is the reverse of the true setting, resulting in user confusion. This could cause users to select this setting intending to activate it and inadvertently turn protections off.
Aliases
0
alias CVE-2018-5165
Fixed_packages
0
url pkg:deb/debian/firefox@60.0-1?distro=sid
purl pkg:deb/debian/firefox@60.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@60.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5165.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5165.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5165
reference_id
reference_type
scores
0
value 0.00769
scoring_system epss
scoring_elements 0.73455
published_at 2026-04-01T12:55:00Z
1
value 0.00769
scoring_system epss
scoring_elements 0.73551
published_at 2026-04-21T12:55:00Z
2
value 0.00769
scoring_system epss
scoring_elements 0.73505
published_at 2026-04-13T12:55:00Z
3
value 0.00769
scoring_system epss
scoring_elements 0.73548
published_at 2026-04-16T12:55:00Z
4
value 0.00769
scoring_system epss
scoring_elements 0.73557
published_at 2026-04-18T12:55:00Z
5
value 0.00769
scoring_system epss
scoring_elements 0.73463
published_at 2026-04-02T12:55:00Z
6
value 0.00769
scoring_system epss
scoring_elements 0.73486
published_at 2026-04-04T12:55:00Z
7
value 0.00769
scoring_system epss
scoring_elements 0.73458
published_at 2026-04-07T12:55:00Z
8
value 0.00769
scoring_system epss
scoring_elements 0.73495
published_at 2026-04-08T12:55:00Z
9
value 0.00769
scoring_system epss
scoring_elements 0.73508
published_at 2026-04-09T12:55:00Z
10
value 0.00769
scoring_system epss
scoring_elements 0.73532
published_at 2026-04-11T12:55:00Z
11
value 0.00769
scoring_system epss
scoring_elements 0.73512
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5165
2
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1451452
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1451452
3
reference_url https://www.mozilla.org/security/advisories/mfsa2018-11/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2018-11/
4
reference_url http://www.securityfocus.com/bid/104139
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/104139
5
reference_url http://www.securitytracker.com/id/1040896
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040896
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1576266
reference_id 1576266
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1576266
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:x86:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:x86:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:x86:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-5165
reference_id CVE-2018-5165
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2018-5165
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-11
reference_id mfsa2018-11
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-11
Weaknesses
0
cwe_id 451
name User Interface (UI) Misrepresentation of Critical Information
description The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.
Exploits
Severity_range_score5.0 - 10.0
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-wp86-tmxj-nfer