Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:alpm/archlinux/firefox@91.0.1-1

Type alpm

Namespace archlinux

Name firefox

Version 91.0.1-1

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 92.0-1

Latest_non_vulnerable_version 101.0-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-g7z8-217k-3ygy

vulnerability_id VCID-g7z8-217k-3ygy

summary Firefox incorrectly accepted a newline in a HTTP/3 header, interpreting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3.

references

reference_url

https://security.archlinux.org/AVG-2291

reference_id

AVG-2291

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2291

reference_url

https://security.archlinux.org/AVG-2301

reference_id

AVG-2301

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2301

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-37

reference_id

mfsa2021-37

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2021-37

fixed_packages

url	pkg:alpm/archlinux/firefox@91.0.1-1
purl	pkg:alpm/archlinux/firefox@91.0.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@91.0.1-1

aliases CVE-2021-29991

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g7z8-217k-3ygy

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@91.0.1-1

Package Instance