Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:mozilla/SeaMonkey@2.0.0
Typemozilla
Namespace
NameSeaMonkey
Version2.0.0
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.0.1
Latest_non_vulnerable_version2.38.0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-bwba-bq5v-y3cf
vulnerability_id VCID-bwba-bq5v-y3cf
summary 
Security research firm iDefense reported that
researcher regenrecht discovered a heap-based buffer
overflow in Mozilla's GIF image parser.  This vulnerability could
potentially be used by an attacker to crash a victim's browser and run
arbitrary code on their computer.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3373
reference_id CVE-2009-3373
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3373
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2009-56
reference_id mfsa2009-56
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2009-56
fixed_packages
0
url pkg:mozilla/SeaMonkey@2.0.0
purl pkg:mozilla/SeaMonkey@2.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.0.0
aliases CVE-2009-3373
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bwba-bq5v-y3cf
1
url VCID-cdn3-4erv-3kbs
vulnerability_id VCID-cdn3-4erv-3kbs
summary 
Security researcher Marco C. reported a flaw in
the parsing of regular expressions used in Proxy Auto-configuration
(PAC) files.  In certain cases this flaw could be used by an attacker
to crash a victim's browser and run arbitrary code on their computer.
Since this vulnerability requires the victim to have PAC configured in
their environment with specific regular expressions which can trigger
the crash, the severity of the issue was determined to be
moderate.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3372
reference_id CVE-2009-3372
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3372
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2009-55
reference_id mfsa2009-55
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2009-55
fixed_packages
0
url pkg:mozilla/SeaMonkey@2.0.0
purl pkg:mozilla/SeaMonkey@2.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.0.0
aliases CVE-2009-3372
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cdn3-4erv-3kbs
2
url VCID-rub4-fa7f-tfe8
vulnerability_id VCID-rub4-fa7f-tfe8
summary 
Mozilla security researchers Jesse Ruderman
and Sid Stamm reported that when downloading a file
containing a right-to-left override character (RTL) in the filename,
the name displayed in the dialog title bar conflicts with the name of
the file shown in the dialog body.  An attacker could use this
vulnerability to obfuscate the name and file extension of a file to be
downloaded and opened, potentially causing a user to run an executable
file when they expected to open a non-executable file.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3376
reference_id CVE-2009-3376
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3376
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2009-62
reference_id mfsa2009-62
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2009-62
fixed_packages
0
url pkg:mozilla/SeaMonkey@2.0.0
purl pkg:mozilla/SeaMonkey@2.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.0.0
aliases CVE-2009-3376
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rub4-fa7f-tfe8
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.0.0