Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-tmb8-vc5k-tbbc
Summary
Security researcher Juho Nurminen reported a mechanism to spoof the
URL displayed in the addressbar in reader mode by manipulating the loaded URL. This flaw
allows for the URL displayed to be different than that the web content rendered. This
allows for potential spoofing but the effects are mitigated due to the restrictions reader
mode places when rendering content.
Aliases
0
alias CVE-2015-4508
Fixed_packages
0
url pkg:mozilla/Firefox@41.0.0
purl pkg:mozilla/Firefox@41.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@41.0.0
1
url pkg:mozilla/SeaMonkey@2.38.0
purl pkg:mozilla/SeaMonkey@2.38.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.38.0
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4508.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4508.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-4508
reference_id
reference_type
scores
0
value 0.00697
scoring_system epss
scoring_elements 0.71996
published_at 2026-04-24T12:55:00Z
1
value 0.00697
scoring_system epss
scoring_elements 0.71884
published_at 2026-04-01T12:55:00Z
2
value 0.00697
scoring_system epss
scoring_elements 0.71891
published_at 2026-04-02T12:55:00Z
3
value 0.00697
scoring_system epss
scoring_elements 0.71911
published_at 2026-04-04T12:55:00Z
4
value 0.00697
scoring_system epss
scoring_elements 0.71882
published_at 2026-04-07T12:55:00Z
5
value 0.00697
scoring_system epss
scoring_elements 0.71921
published_at 2026-04-13T12:55:00Z
6
value 0.00697
scoring_system epss
scoring_elements 0.71932
published_at 2026-04-09T12:55:00Z
7
value 0.00697
scoring_system epss
scoring_elements 0.71956
published_at 2026-04-11T12:55:00Z
8
value 0.00697
scoring_system epss
scoring_elements 0.71939
published_at 2026-04-12T12:55:00Z
9
value 0.00697
scoring_system epss
scoring_elements 0.71963
published_at 2026-04-16T12:55:00Z
10
value 0.00697
scoring_system epss
scoring_elements 0.71967
published_at 2026-04-18T12:55:00Z
11
value 0.00697
scoring_system epss
scoring_elements 0.71952
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-4508
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1265624
reference_id 1265624
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1265624
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4508
reference_id CVE-2015-4508
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4508
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2015-103
reference_id mfsa2015-103
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2015-103
5
reference_url https://usn.ubuntu.com/2743-1/
reference_id USN-2743-1
reference_type
scores
url https://usn.ubuntu.com/2743-1/
Weaknesses
0
cwe_id 120
name Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
description The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
Exploits
Severity_range_score0.1 - 3
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-tmb8-vc5k-tbbc