Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/firefox@77.0-r0?arch=x86_64&distroversion=v3.19&reponame=community
Typeapk
Namespacealpine
Namefirefox
Version77.0-r0
Qualifiers
arch x86_64
distroversion v3.19
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version78.0-r0
Latest_non_vulnerable_version119.0-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4qav-6sgf-1qfc
vulnerability_id VCID-4qav-6sgf-1qfc
summary Mozilla developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12406.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12406.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12406
reference_id
reference_type
scores
0
value 0.0025
scoring_system epss
scoring_elements 0.4864
published_at 2026-06-07T12:55:00Z
1
value 0.0025
scoring_system epss
scoring_elements 0.48587
published_at 2026-06-04T12:55:00Z
2
value 0.0025
scoring_system epss
scoring_elements 0.48651
published_at 2026-06-05T12:55:00Z
3
value 0.0025
scoring_system epss
scoring_elements 0.48659
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12406
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1843312
reference_id 1843312
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1843312
9
reference_url https://security.archlinux.org/ASA-202006-1
reference_id ASA-202006-1
reference_type
scores
url https://security.archlinux.org/ASA-202006-1
10
reference_url https://security.archlinux.org/ASA-202006-4
reference_id ASA-202006-4
reference_type
scores
url https://security.archlinux.org/ASA-202006-4
11
reference_url https://security.archlinux.org/AVG-1173
reference_id AVG-1173
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1173
12
reference_url https://security.archlinux.org/AVG-1179
reference_id AVG-1179
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1179
13
reference_url https://security.gentoo.org/glsa/202006-07
reference_id GLSA-202006-07
reference_type
scores
url https://security.gentoo.org/glsa/202006-07
14
reference_url https://security.gentoo.org/glsa/202006-19
reference_id GLSA-202006-19
reference_type
scores
url https://security.gentoo.org/glsa/202006-19
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
reference_id mfsa2020-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-21
reference_id mfsa2020-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-21
17
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-22
reference_id mfsa2020-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-22
18
reference_url https://access.redhat.com/errata/RHSA-2020:2378
reference_id RHSA-2020:2378
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2378
19
reference_url https://access.redhat.com/errata/RHSA-2020:2379
reference_id RHSA-2020:2379
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2379
20
reference_url https://access.redhat.com/errata/RHSA-2020:2380
reference_id RHSA-2020:2380
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2380
21
reference_url https://access.redhat.com/errata/RHSA-2020:2381
reference_id RHSA-2020:2381
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2381
22
reference_url https://access.redhat.com/errata/RHSA-2020:2382
reference_id RHSA-2020:2382
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2382
23
reference_url https://access.redhat.com/errata/RHSA-2020:2611
reference_id RHSA-2020:2611
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2611
24
reference_url https://access.redhat.com/errata/RHSA-2020:2613
reference_id RHSA-2020:2613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2613
25
reference_url https://access.redhat.com/errata/RHSA-2020:2614
reference_id RHSA-2020:2614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2614
26
reference_url https://access.redhat.com/errata/RHSA-2020:2615
reference_id RHSA-2020:2615
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2615
27
reference_url https://access.redhat.com/errata/RHSA-2020:2616
reference_id RHSA-2020:2616
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2616
28
reference_url https://usn.ubuntu.com/4383-1/
reference_id USN-4383-1
reference_type
scores
url https://usn.ubuntu.com/4383-1/
29
reference_url https://usn.ubuntu.com/4421-1/
reference_id USN-4421-1
reference_type
scores
url https://usn.ubuntu.com/4421-1/
fixed_packages
0
url pkg:apk/alpine/firefox@77.0-r0?arch=x86_64&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/firefox@77.0-r0?arch=x86_64&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@77.0-r0%3Farch=x86_64&distroversion=v3.19&reponame=community
aliases CVE-2020-12406
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qav-6sgf-1qfc
1
url VCID-8rd2-145r-8uf5
vulnerability_id VCID-8rd2-145r-8uf5
summary When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12408
reference_id
reference_type
scores
0
value 0.00108
scoring_system epss
scoring_elements 0.28711
published_at 2026-06-05T12:55:00Z
1
value 0.00108
scoring_system epss
scoring_elements 0.28633
published_at 2026-06-07T12:55:00Z
2
value 0.00108
scoring_system epss
scoring_elements 0.28639
published_at 2026-06-04T12:55:00Z
3
value 0.00108
scoring_system epss
scoring_elements 0.2867
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12408
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.archlinux.org/ASA-202006-1
reference_id ASA-202006-1
reference_type
scores
url https://security.archlinux.org/ASA-202006-1
3
reference_url https://security.archlinux.org/AVG-1173
reference_id AVG-1173
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1173
4
reference_url https://security.gentoo.org/glsa/202006-07
reference_id GLSA-202006-07
reference_type
scores
url https://security.gentoo.org/glsa/202006-07
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
reference_id mfsa2020-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
6
reference_url https://usn.ubuntu.com/4383-1/
reference_id USN-4383-1
reference_type
scores
url https://usn.ubuntu.com/4383-1/
fixed_packages
0
url pkg:apk/alpine/firefox@77.0-r0?arch=x86_64&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/firefox@77.0-r0?arch=x86_64&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@77.0-r0%3Farch=x86_64&distroversion=v3.19&reponame=community
aliases CVE-2020-12408
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8rd2-145r-8uf5
2
url VCID-kzju-7twc-fya8
vulnerability_id VCID-kzju-7twc-fya8
summary NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12399.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12399.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12399
reference_id
reference_type
scores
0
value 0.0009
scoring_system epss
scoring_elements 0.25606
published_at 2026-06-07T12:55:00Z
1
value 0.0009
scoring_system epss
scoring_elements 0.25561
published_at 2026-06-04T12:55:00Z
2
value 0.0009
scoring_system epss
scoring_elements 0.25663
published_at 2026-06-05T12:55:00Z
3
value 0.0009
scoring_system epss
scoring_elements 0.25653
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12399
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17023
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
10
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1826177
reference_id 1826177
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1826177
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961752
reference_id 961752
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961752
13
reference_url https://security.archlinux.org/ASA-202006-1
reference_id ASA-202006-1
reference_type
scores
url https://security.archlinux.org/ASA-202006-1
14
reference_url https://security.archlinux.org/ASA-202006-4
reference_id ASA-202006-4
reference_type
scores
url https://security.archlinux.org/ASA-202006-4
15
reference_url https://security.archlinux.org/AVG-1173
reference_id AVG-1173
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1173
16
reference_url https://security.archlinux.org/AVG-1179
reference_id AVG-1179
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1179
17
reference_url https://security.gentoo.org/glsa/202007-49
reference_id GLSA-202007-49
reference_type
scores
url https://security.gentoo.org/glsa/202007-49
18
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
reference_id mfsa2020-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
19
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-21
reference_id mfsa2020-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-21
20
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-22
reference_id mfsa2020-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-22
21
reference_url https://access.redhat.com/errata/RHSA-2020:3280
reference_id RHSA-2020:3280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3280
22
reference_url https://usn.ubuntu.com/4383-1/
reference_id USN-4383-1
reference_type
scores
url https://usn.ubuntu.com/4383-1/
23
reference_url https://usn.ubuntu.com/4397-1/
reference_id USN-4397-1
reference_type
scores
url https://usn.ubuntu.com/4397-1/
24
reference_url https://usn.ubuntu.com/4397-2/
reference_id USN-4397-2
reference_type
scores
url https://usn.ubuntu.com/4397-2/
25
reference_url https://usn.ubuntu.com/4421-1/
reference_id USN-4421-1
reference_type
scores
url https://usn.ubuntu.com/4421-1/
fixed_packages
0
url pkg:apk/alpine/firefox@77.0-r0?arch=x86_64&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/firefox@77.0-r0?arch=x86_64&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@77.0-r0%3Farch=x86_64&distroversion=v3.19&reponame=community
aliases CVE-2020-12399
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kzju-7twc-fya8
3
url VCID-qkma-a8c1-2kaa
vulnerability_id VCID-qkma-a8c1-2kaa
summary When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12409
reference_id
reference_type
scores
0
value 0.00204
scoring_system epss
scoring_elements 0.42414
published_at 2026-06-05T12:55:00Z
1
value 0.00204
scoring_system epss
scoring_elements 0.42398
published_at 2026-06-07T12:55:00Z
2
value 0.00204
scoring_system epss
scoring_elements 0.42339
published_at 2026-06-04T12:55:00Z
3
value 0.00204
scoring_system epss
scoring_elements 0.42425
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12409
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.archlinux.org/ASA-202006-1
reference_id ASA-202006-1
reference_type
scores
url https://security.archlinux.org/ASA-202006-1
3
reference_url https://security.archlinux.org/AVG-1173
reference_id AVG-1173
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1173
4
reference_url https://security.gentoo.org/glsa/202006-07
reference_id GLSA-202006-07
reference_type
scores
url https://security.gentoo.org/glsa/202006-07
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
reference_id mfsa2020-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
6
reference_url https://usn.ubuntu.com/4383-1/
reference_id USN-4383-1
reference_type
scores
url https://usn.ubuntu.com/4383-1/
fixed_packages
0
url pkg:apk/alpine/firefox@77.0-r0?arch=x86_64&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/firefox@77.0-r0?arch=x86_64&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@77.0-r0%3Farch=x86_64&distroversion=v3.19&reponame=community
aliases CVE-2020-12409
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qkma-a8c1-2kaa
4
url VCID-zubq-2vj3-zycc
vulnerability_id VCID-zubq-2vj3-zycc
summary Mozilla developers :Gijs (he/him), Randell Jesup reported memory safety bugs present in Firefox 76. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12411
reference_id
reference_type
scores
0
value 0.00375
scoring_system epss
scoring_elements 0.59497
published_at 2026-06-05T12:55:00Z
1
value 0.00375
scoring_system epss
scoring_elements 0.59492
published_at 2026-06-07T12:55:00Z
2
value 0.00375
scoring_system epss
scoring_elements 0.59447
published_at 2026-06-04T12:55:00Z
3
value 0.00375
scoring_system epss
scoring_elements 0.59501
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12411
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.archlinux.org/ASA-202006-1
reference_id ASA-202006-1
reference_type
scores
url https://security.archlinux.org/ASA-202006-1
3
reference_url https://security.archlinux.org/AVG-1173
reference_id AVG-1173
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1173
4
reference_url https://security.gentoo.org/glsa/202006-07
reference_id GLSA-202006-07
reference_type
scores
url https://security.gentoo.org/glsa/202006-07
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
reference_id mfsa2020-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-20
6
reference_url https://usn.ubuntu.com/4383-1/
reference_id USN-4383-1
reference_type
scores
url https://usn.ubuntu.com/4383-1/
fixed_packages
0
url pkg:apk/alpine/firefox@77.0-r0?arch=x86_64&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/firefox@77.0-r0?arch=x86_64&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@77.0-r0%3Farch=x86_64&distroversion=v3.19&reponame=community
aliases CVE-2020-12411
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zubq-2vj3-zycc
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@77.0-r0%3Farch=x86_64&distroversion=v3.19&reponame=community