Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ar1e-t65c-4yax
Summary
moz_bug_r_a4 reports that the fix for

MFSA 2006-72 in Firefox 1.5.0.9 and Firefox 2.0.0.1
introduced a regression that allows scripts from web content
to execute arbitrary code by setting the src
attribute of an IMG tag to a specially crafted
javascript: URI.The same regression also caused javascript: URIs in
IMG tags to be executed even if JavaScript
execution was disabled in the global preferences. This facet was
noted by moz_bug_r_a4 and reported independently by
Anbo Motohiko.Thunderbird is not affected by this flaw as it will not execute
javascript: URIs in IMG tags.
Aliases
0
alias CVE-2007-0994
Fixed_packages
0
url pkg:mozilla/SeaMonkey@1.0.8
purl pkg:mozilla/SeaMonkey@1.0.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.0.8
1
url pkg:mozilla/SeaMonkey@1.1.1
purl pkg:mozilla/SeaMonkey@1.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.1.1
Affected_packages
0
url pkg:rpm/redhat/devhelp@0.10-0.7?arch=el4
purl pkg:rpm/redhat/devhelp@0.10-0.7?arch=el4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5h1w-mvpk-c7h8
1
vulnerability VCID-7dmk-4zh8-hfbf
2
vulnerability VCID-8tfu-9gxc-x7gb
3
vulnerability VCID-9yms-2e8t-sfa5
4
vulnerability VCID-ar1e-t65c-4yax
5
vulnerability VCID-ctu2-ur5f-xyhx
6
vulnerability VCID-ctyb-btzs-kubf
7
vulnerability VCID-dzxs-qh6q-nkfc
8
vulnerability VCID-gxpg-1hxr-uuam
9
vulnerability VCID-khgu-a7t9-rbdc
10
vulnerability VCID-p5pk-vdvp-q7ar
11
vulnerability VCID-qxqf-6kdy-nyap
12
vulnerability VCID-ybtw-bsv6-qbdx
13
vulnerability VCID-z276-uc3n-8fhx
14
vulnerability VCID-zthy-y4qb-eyes
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/devhelp@0.10-0.7%3Farch=el4
1
url pkg:rpm/redhat/devhelp@0.12-10.0.1?arch=el5
purl pkg:rpm/redhat/devhelp@0.12-10.0.1?arch=el5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5h1w-mvpk-c7h8
1
vulnerability VCID-7dmk-4zh8-hfbf
2
vulnerability VCID-9yms-2e8t-sfa5
3
vulnerability VCID-ar1e-t65c-4yax
4
vulnerability VCID-ctu2-ur5f-xyhx
5
vulnerability VCID-ctyb-btzs-kubf
6
vulnerability VCID-gxpg-1hxr-uuam
7
vulnerability VCID-khgu-a7t9-rbdc
8
vulnerability VCID-p5pk-vdvp-q7ar
9
vulnerability VCID-qxqf-6kdy-nyap
10
vulnerability VCID-ybtw-bsv6-qbdx
11
vulnerability VCID-z276-uc3n-8fhx
12
vulnerability VCID-zthy-y4qb-eyes
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/devhelp@0.12-10.0.1%3Farch=el5
2
url pkg:rpm/redhat/firefox@1.5.0.10-0.1?arch=el4
purl pkg:rpm/redhat/firefox@1.5.0.10-0.1?arch=el4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5h1w-mvpk-c7h8
1
vulnerability VCID-7dmk-4zh8-hfbf
2
vulnerability VCID-9yms-2e8t-sfa5
3
vulnerability VCID-ar1e-t65c-4yax
4
vulnerability VCID-ctu2-ur5f-xyhx
5
vulnerability VCID-ctyb-btzs-kubf
6
vulnerability VCID-dzxs-qh6q-nkfc
7
vulnerability VCID-gxpg-1hxr-uuam
8
vulnerability VCID-khgu-a7t9-rbdc
9
vulnerability VCID-p5pk-vdvp-q7ar
10
vulnerability VCID-qxqf-6kdy-nyap
11
vulnerability VCID-ybtw-bsv6-qbdx
12
vulnerability VCID-z276-uc3n-8fhx
13
vulnerability VCID-zthy-y4qb-eyes
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@1.5.0.10-0.1%3Farch=el4
3
url pkg:rpm/redhat/firefox@1.5.0.10-2?arch=el5
purl pkg:rpm/redhat/firefox@1.5.0.10-2?arch=el5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5h1w-mvpk-c7h8
1
vulnerability VCID-7dmk-4zh8-hfbf
2
vulnerability VCID-9yms-2e8t-sfa5
3
vulnerability VCID-ar1e-t65c-4yax
4
vulnerability VCID-ctu2-ur5f-xyhx
5
vulnerability VCID-ctyb-btzs-kubf
6
vulnerability VCID-gxpg-1hxr-uuam
7
vulnerability VCID-khgu-a7t9-rbdc
8
vulnerability VCID-p5pk-vdvp-q7ar
9
vulnerability VCID-qxqf-6kdy-nyap
10
vulnerability VCID-ybtw-bsv6-qbdx
11
vulnerability VCID-z276-uc3n-8fhx
12
vulnerability VCID-zthy-y4qb-eyes
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@1.5.0.10-2%3Farch=el5
4
url pkg:rpm/redhat/seamonkey@1.0.8-0.2?arch=el3
purl pkg:rpm/redhat/seamonkey@1.0.8-0.2?arch=el3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5h1w-mvpk-c7h8
1
vulnerability VCID-7dmk-4zh8-hfbf
2
vulnerability VCID-8tfu-9gxc-x7gb
3
vulnerability VCID-9yms-2e8t-sfa5
4
vulnerability VCID-ar1e-t65c-4yax
5
vulnerability VCID-ctu2-ur5f-xyhx
6
vulnerability VCID-ctyb-btzs-kubf
7
vulnerability VCID-dzxs-qh6q-nkfc
8
vulnerability VCID-gxpg-1hxr-uuam
9
vulnerability VCID-khgu-a7t9-rbdc
10
vulnerability VCID-p5pk-vdvp-q7ar
11
vulnerability VCID-qxqf-6kdy-nyap
12
vulnerability VCID-ybtw-bsv6-qbdx
13
vulnerability VCID-z276-uc3n-8fhx
14
vulnerability VCID-zthy-y4qb-eyes
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.8-0.2%3Farch=el3
5
url pkg:rpm/redhat/seamonkey@1.0.8-0.2?arch=el4
purl pkg:rpm/redhat/seamonkey@1.0.8-0.2?arch=el4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5h1w-mvpk-c7h8
1
vulnerability VCID-7dmk-4zh8-hfbf
2
vulnerability VCID-8tfu-9gxc-x7gb
3
vulnerability VCID-9yms-2e8t-sfa5
4
vulnerability VCID-ar1e-t65c-4yax
5
vulnerability VCID-ctu2-ur5f-xyhx
6
vulnerability VCID-ctyb-btzs-kubf
7
vulnerability VCID-dzxs-qh6q-nkfc
8
vulnerability VCID-gxpg-1hxr-uuam
9
vulnerability VCID-khgu-a7t9-rbdc
10
vulnerability VCID-p5pk-vdvp-q7ar
11
vulnerability VCID-qxqf-6kdy-nyap
12
vulnerability VCID-ybtw-bsv6-qbdx
13
vulnerability VCID-z276-uc3n-8fhx
14
vulnerability VCID-zthy-y4qb-eyes
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.8-0.2%3Farch=el4
6
url pkg:rpm/redhat/seamonkey@1.0.8-0.2?arch=el2
purl pkg:rpm/redhat/seamonkey@1.0.8-0.2?arch=el2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5h1w-mvpk-c7h8
1
vulnerability VCID-7dmk-4zh8-hfbf
2
vulnerability VCID-8tfu-9gxc-x7gb
3
vulnerability VCID-9yms-2e8t-sfa5
4
vulnerability VCID-ar1e-t65c-4yax
5
vulnerability VCID-ctu2-ur5f-xyhx
6
vulnerability VCID-ctyb-btzs-kubf
7
vulnerability VCID-dzxs-qh6q-nkfc
8
vulnerability VCID-gxpg-1hxr-uuam
9
vulnerability VCID-khgu-a7t9-rbdc
10
vulnerability VCID-p5pk-vdvp-q7ar
11
vulnerability VCID-qxqf-6kdy-nyap
12
vulnerability VCID-ybtw-bsv6-qbdx
13
vulnerability VCID-z276-uc3n-8fhx
14
vulnerability VCID-zthy-y4qb-eyes
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.8-0.2%3Farch=el2
7
url pkg:rpm/redhat/yelp@2.16.0-14.0.1?arch=el5
purl pkg:rpm/redhat/yelp@2.16.0-14.0.1?arch=el5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5h1w-mvpk-c7h8
1
vulnerability VCID-7dmk-4zh8-hfbf
2
vulnerability VCID-9yms-2e8t-sfa5
3
vulnerability VCID-ar1e-t65c-4yax
4
vulnerability VCID-ctu2-ur5f-xyhx
5
vulnerability VCID-ctyb-btzs-kubf
6
vulnerability VCID-gxpg-1hxr-uuam
7
vulnerability VCID-khgu-a7t9-rbdc
8
vulnerability VCID-p5pk-vdvp-q7ar
9
vulnerability VCID-qxqf-6kdy-nyap
10
vulnerability VCID-ybtw-bsv6-qbdx
11
vulnerability VCID-z276-uc3n-8fhx
12
vulnerability VCID-zthy-y4qb-eyes
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/yelp@2.16.0-14.0.1%3Farch=el5
References
0
reference_url ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
reference_id
reference_type
scores
url ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc
1
reference_url ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
reference_id
reference_type
scores
url ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc
2
reference_url http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733
reference_id
reference_type
scores
url http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230733
3
reference_url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
reference_id
reference_type
scores
url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
4
reference_url http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
reference_id
reference_type
scores
url http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0994.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0994.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-0994
reference_id
reference_type
scores
0
value 0.0317
scoring_system epss
scoring_elements 0.86974
published_at 2026-04-24T12:55:00Z
1
value 0.0317
scoring_system epss
scoring_elements 0.86885
published_at 2026-04-01T12:55:00Z
2
value 0.0317
scoring_system epss
scoring_elements 0.86958
published_at 2026-04-18T12:55:00Z
3
value 0.0317
scoring_system epss
scoring_elements 0.86957
published_at 2026-04-21T12:55:00Z
4
value 0.0317
scoring_system epss
scoring_elements 0.86895
published_at 2026-04-02T12:55:00Z
5
value 0.0317
scoring_system epss
scoring_elements 0.86914
published_at 2026-04-04T12:55:00Z
6
value 0.0317
scoring_system epss
scoring_elements 0.86907
published_at 2026-04-07T12:55:00Z
7
value 0.0317
scoring_system epss
scoring_elements 0.86928
published_at 2026-04-08T12:55:00Z
8
value 0.0317
scoring_system epss
scoring_elements 0.86935
published_at 2026-04-09T12:55:00Z
9
value 0.0317
scoring_system epss
scoring_elements 0.86949
published_at 2026-04-11T12:55:00Z
10
value 0.0317
scoring_system epss
scoring_elements 0.86944
published_at 2026-04-12T12:55:00Z
11
value 0.0317
scoring_system epss
scoring_elements 0.86939
published_at 2026-04-13T12:55:00Z
12
value 0.0317
scoring_system epss
scoring_elements 0.86954
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-0994
7
reference_url http://secunia.com/advisories/24384
reference_id
reference_type
scores
url http://secunia.com/advisories/24384
8
reference_url http://secunia.com/advisories/24395
reference_id
reference_type
scores
url http://secunia.com/advisories/24395
9
reference_url http://secunia.com/advisories/24455
reference_id
reference_type
scores
url http://secunia.com/advisories/24455
10
reference_url http://secunia.com/advisories/24457
reference_id
reference_type
scores
url http://secunia.com/advisories/24457
11
reference_url http://secunia.com/advisories/24650
reference_id
reference_type
scores
url http://secunia.com/advisories/24650
12
reference_url http://secunia.com/advisories/25588
reference_id
reference_type
scores
url http://secunia.com/advisories/25588
13
reference_url http://securitytracker.com/id?1017726
reference_id
reference_type
scores
url http://securitytracker.com/id?1017726
14
reference_url https://issues.rpath.com/browse/RPL-1103
reference_id
reference_type
scores
url https://issues.rpath.com/browse/RPL-1103
15
reference_url http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
reference_id
reference_type
scores
url http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
16
reference_url http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
reference_id
reference_type
scores
url http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
17
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9749
18
reference_url http://www.debian.org/security/2007/dsa-1336
reference_id
reference_type
scores
url http://www.debian.org/security/2007/dsa-1336
19
reference_url http://www.mozilla.org/security/announce/2007/mfsa2007-09.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2007/mfsa2007-09.html
20
reference_url http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
reference_id
reference_type
scores
url http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
21
reference_url http://www.redhat.com/support/errata/RHSA-2007-0078.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2007-0078.html
22
reference_url http://www.redhat.com/support/errata/RHSA-2007-0097.html
reference_id
reference_type
scores
url http://www.redhat.com/support/errata/RHSA-2007-0097.html
23
reference_url http://www.securityfocus.com/bid/22826
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/22826
24
reference_url http://www.vupen.com/english/advisories/2007/0823
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2007/0823
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1618286
reference_id 1618286
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1618286
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
29
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0994
reference_id CVE-2007-0994
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0994
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2007-0994
reference_id CVE-2007-0994
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2007-0994
31
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2007-09
reference_id mfsa2007-09
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2007-09
32
reference_url https://access.redhat.com/errata/RHSA-2007:0077
reference_id RHSA-2007:0077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0077
33
reference_url https://access.redhat.com/errata/RHSA-2007:0079
reference_id RHSA-2007:0079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0079
34
reference_url https://access.redhat.com/errata/RHSA-2007:0097
reference_id RHSA-2007:0097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0097
Weaknesses
0
cwe_id 94
name Improper Control of Generation of Code ('Code Injection')
description The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Exploits
Severity_range_score6.8 - 10.0
Exploitability0.5
Weighted_severity9.0
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ar1e-t65c-4yax