Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-hf9p-ajjz-k3ft
Summary
Security researcher Jordi Chancel reported that on Firefox for
Android, when a URL is pasted with an unknown protocol, such as secure: or
httpz:, the pasted URL is shown in the addressbar but no navigation occurs.
Other addressbar attributes present before this pasted URL is entered will continue to be
rendered. This could lead to potential spoofing by a malicious site. 
 This issue only affects Firefox for Android and does not affect Firefox on
OS X, Linux, or Windows operating systems.
Aliases
0
alias CVE-2015-4476
Fixed_packages
0
url pkg:mozilla/Firefox@41.0.0
purl pkg:mozilla/Firefox@41.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@41.0.0
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4476.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4476.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-4476
reference_id
reference_type
scores
0
value 0.00483
scoring_system epss
scoring_elements 0.65219
published_at 2026-04-21T12:55:00Z
1
value 0.00483
scoring_system epss
scoring_elements 0.65111
published_at 2026-04-01T12:55:00Z
2
value 0.00483
scoring_system epss
scoring_elements 0.65161
published_at 2026-04-02T12:55:00Z
3
value 0.00483
scoring_system epss
scoring_elements 0.65186
published_at 2026-04-04T12:55:00Z
4
value 0.00483
scoring_system epss
scoring_elements 0.65152
published_at 2026-04-07T12:55:00Z
5
value 0.00483
scoring_system epss
scoring_elements 0.65202
published_at 2026-04-08T12:55:00Z
6
value 0.00483
scoring_system epss
scoring_elements 0.65214
published_at 2026-04-09T12:55:00Z
7
value 0.00483
scoring_system epss
scoring_elements 0.65233
published_at 2026-04-11T12:55:00Z
8
value 0.00483
scoring_system epss
scoring_elements 0.6522
published_at 2026-04-12T12:55:00Z
9
value 0.00483
scoring_system epss
scoring_elements 0.65192
published_at 2026-04-13T12:55:00Z
10
value 0.00483
scoring_system epss
scoring_elements 0.65227
published_at 2026-04-16T12:55:00Z
11
value 0.00483
scoring_system epss
scoring_elements 0.65237
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-4476
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1265603
reference_id 1265603
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1265603
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4476
reference_id CVE-2015-4476
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4476
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2015-99
reference_id mfsa2015-99
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2015-99
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-hf9p-ajjz-k3ft