Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-acvt-dayv-bffc

Summary

Security researcher Felix Gröbert of Google discovered an out of
bounds read in the QCMS color management library while manipulating an image with specific
attributes in its ICC V4 profile. This causes a crash and could lead to information
disclosure.

Aliases

alias	CVE-2015-4504

Fixed_packages

url	pkg:mozilla/Firefox@41.0.0
purl	pkg:mozilla/Firefox@41.0.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@41.0.0

url	pkg:mozilla/SeaMonkey@2.38.0
purl	pkg:mozilla/SeaMonkey@2.38.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.38.0

Affected_packages

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4504.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4504.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4504

reference_id

reference_type

scores

value	0.02099
scoring_system	epss
scoring_elements	0.84108
published_at	2026-04-24T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.83986
published_at	2026-04-01T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.84001
published_at	2026-04-02T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.84017
published_at	2026-04-04T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.84021
published_at	2026-04-07T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.84044
published_at	2026-04-08T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.8405
published_at	2026-04-09T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.84067
published_at	2026-04-11T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.84061
published_at	2026-04-12T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.84056
published_at	2026-04-13T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.84079
published_at	2026-04-16T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.84082
published_at	2026-04-18T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.84083
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4504

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1265596
reference_id	1265596
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1265596

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4504
reference_id	CVE-2015-4504
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4504

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-98

reference_id

mfsa2015-98

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-98

reference_url	https://usn.ubuntu.com/2743-1/
reference_id	USN-2743-1
reference_type
scores
url	https://usn.ubuntu.com/2743-1/

Weaknesses

cwe_id	200
name	Exposure of Sensitive Information to an Unauthorized Actor
description	The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-acvt-dayv-bffc

Vulnerability Instance