Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:mozilla/Firefox%20ESR@60.7.0
Typemozilla
Namespace
NameFirefox ESR
Version60.7.0
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version60.7.1
Latest_non_vulnerable_version140.10.2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2z7p-2uj3-2qfb
vulnerability_id VCID-2z7p-2uj3-2qfb
summary If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9815.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9815.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9815
reference_id
reference_type
scores
0
value 0.0102
scoring_system epss
scoring_elements 0.77343
published_at 2026-05-07T12:55:00Z
1
value 0.0102
scoring_system epss
scoring_elements 0.77295
published_at 2026-04-26T12:55:00Z
2
value 0.0102
scoring_system epss
scoring_elements 0.7731
published_at 2026-04-29T12:55:00Z
3
value 0.0102
scoring_system epss
scoring_elements 0.77315
published_at 2026-05-05T12:55:00Z
4
value 0.0102
scoring_system epss
scoring_elements 0.77162
published_at 2026-04-01T12:55:00Z
5
value 0.0102
scoring_system epss
scoring_elements 0.77169
published_at 2026-04-02T12:55:00Z
6
value 0.0102
scoring_system epss
scoring_elements 0.77198
published_at 2026-04-04T12:55:00Z
7
value 0.0102
scoring_system epss
scoring_elements 0.77179
published_at 2026-04-07T12:55:00Z
8
value 0.0102
scoring_system epss
scoring_elements 0.77212
published_at 2026-04-08T12:55:00Z
9
value 0.0102
scoring_system epss
scoring_elements 0.7722
published_at 2026-04-09T12:55:00Z
10
value 0.0102
scoring_system epss
scoring_elements 0.77248
published_at 2026-04-11T12:55:00Z
11
value 0.0102
scoring_system epss
scoring_elements 0.77227
published_at 2026-04-12T12:55:00Z
12
value 0.0102
scoring_system epss
scoring_elements 0.77224
published_at 2026-04-13T12:55:00Z
13
value 0.0102
scoring_system epss
scoring_elements 0.77263
published_at 2026-04-16T12:55:00Z
14
value 0.0102
scoring_system epss
scoring_elements 0.77265
published_at 2026-04-18T12:55:00Z
15
value 0.0102
scoring_system epss
scoring_elements 0.77257
published_at 2026-04-21T12:55:00Z
16
value 0.0102
scoring_system epss
scoring_elements 0.7729
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9815
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1712624
reference_id 1712624
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1712624
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-13
reference_id mfsa2019-13
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-13
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-14
reference_id mfsa2019-14
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-14
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-15
reference_id mfsa2019-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-15
fixed_packages
0
url pkg:mozilla/Firefox%20ESR@60.7.0
purl pkg:mozilla/Firefox%20ESR@60.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@60.7.0
aliases CVE-2019-9815
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2z7p-2uj3-2qfb
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@60.7.0