Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-g45q-v1td-9qcz
SummaryIf a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and allow for a potential memory read of adjacent data from the privileged Chrome process, which may include sensitive data.
Aliases
0
alias CVE-2019-9802
Fixed_packages
0
url pkg:alpm/archlinux/firefox@66.0-1
purl pkg:alpm/archlinux/firefox@66.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8rq6-26hu-m3gz
1
vulnerability VCID-sk9f-516d-xqh7
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@66.0-1
1
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
2
url pkg:deb/debian/firefox@66.0-1?distro=sid
purl pkg:deb/debian/firefox@66.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@66.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
4
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
Affected_packages
0
url pkg:alpm/archlinux/firefox@65.0.2-1
purl pkg:alpm/archlinux/firefox@65.0.2-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-23v6-x6d6-buca
1
vulnerability VCID-4555-zn45-mfd8
2
vulnerability VCID-7aua-26jh-y3cr
3
vulnerability VCID-7yw2-2r4n-rugg
4
vulnerability VCID-a2k9-85qx-u7cy
5
vulnerability VCID-bxng-uq7z-hubn
6
vulnerability VCID-drcd-xhd2-27hn
7
vulnerability VCID-f2z3-egzk-efgj
8
vulnerability VCID-g45q-v1td-9qcz
9
vulnerability VCID-gyt6-vfya-pueg
10
vulnerability VCID-rhzx-ha7x-dfew
11
vulnerability VCID-t1cv-pb54-xyge
12
vulnerability VCID-tff1-6wkz-jyar
13
vulnerability VCID-vrvn-krwb-d3dr
14
vulnerability VCID-wwck-cpa8-y3c5
15
vulnerability VCID-x4sm-zyc1-ffd4
16
vulnerability VCID-zcdh-q78g-x7gr
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@65.0.2-1
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9802
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43673
published_at 2026-04-21T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.43647
published_at 2026-04-01T12:55:00Z
2
value 0.00212
scoring_system epss
scoring_elements 0.4375
published_at 2026-04-16T12:55:00Z
3
value 0.00212
scoring_system epss
scoring_elements 0.4374
published_at 2026-04-18T12:55:00Z
4
value 0.00212
scoring_system epss
scoring_elements 0.43704
published_at 2026-04-02T12:55:00Z
5
value 0.00212
scoring_system epss
scoring_elements 0.43729
published_at 2026-04-04T12:55:00Z
6
value 0.00212
scoring_system epss
scoring_elements 0.43663
published_at 2026-04-07T12:55:00Z
7
value 0.00212
scoring_system epss
scoring_elements 0.43713
published_at 2026-04-08T12:55:00Z
8
value 0.00212
scoring_system epss
scoring_elements 0.43716
published_at 2026-04-09T12:55:00Z
9
value 0.00212
scoring_system epss
scoring_elements 0.43736
published_at 2026-04-11T12:55:00Z
10
value 0.00212
scoring_system epss
scoring_elements 0.43705
published_at 2026-04-12T12:55:00Z
11
value 0.00212
scoring_system epss
scoring_elements 0.43688
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9802
1
reference_url https://security.archlinux.org/ASA-201903-11
reference_id ASA-201903-11
reference_type
scores
url https://security.archlinux.org/ASA-201903-11
2
reference_url https://security.archlinux.org/AVG-925
reference_id AVG-925
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-925
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-07
reference_id mfsa2019-07
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-07
4
reference_url https://usn.ubuntu.com/3918-1/
reference_id USN-3918-1
reference_type
scores
url https://usn.ubuntu.com/3918-1/
5
reference_url https://usn.ubuntu.com/3918-2/
reference_id USN-3918-2
reference_type
scores
url https://usn.ubuntu.com/3918-2/
Weaknesses
Exploits
Severity_range_score9.0 - 10.0
Exploitability0.5
Weighted_severity9.0
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-g45q-v1td-9qcz