Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:mozilla/Firefox@51.0.3

Type mozilla

Namespace

Name Firefox

Version 51.0.3

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 52.0.0

Latest_non_vulnerable_version 151.0.0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-kntc-sjp9-2yfj

vulnerability_id VCID-kntc-sjp9-2yfj

summary The cache directory on the local file system is set to be world writable. Firefox defaults to extracting libraries from this cache. This allows for the possibility of an installed malicious application or tools with write access to the file system to replace files used by Firefox with their own versions.

references

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-04

reference_id

mfsa2017-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2017-04

fixed_packages

url	pkg:mozilla/Firefox@51.0.3
purl	pkg:mozilla/Firefox@51.0.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@51.0.3

aliases CVE-2017-5397

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kntc-sjp9-2yfj

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@51.0.3

Package Instance