Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:mozilla/NSS@3.21.0
Typemozilla
Namespace
NameNSS
Version3.21.0
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.21.1
Latest_non_vulnerable_version3.73.0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-jwzp-ucfg-wycd
vulnerability_id VCID-jwzp-ucfg-wycd
summary 
Security researcher Hanno Böck reported that calculations with
mp_div and mp_exptmod in Network Security Services (NSS) can
produce wrong results in some circumstances. These functions are used within NSS for a
variety of cryptographic division functions, leading to potential cryptographic
weaknesses.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938
reference_id CVE-2016-1938
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-07
reference_id mfsa2016-07
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-07
fixed_packages
0
url pkg:mozilla/NSS@3.21.0
purl pkg:mozilla/NSS@3.21.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/NSS@3.21.0
aliases CVE-2016-1938
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jwzp-ucfg-wycd
1
url VCID-s692-wjkg-xkfr
vulnerability_id VCID-s692-wjkg-xkfr
summary Mozilla developer Eric Rescorla reported that a failed allocation during DHE and ECDHE handshakes would lead to a use-after-free vulnerability.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978
reference_id CVE-2016-1978
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-15
reference_id mfsa2016-15
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-15
fixed_packages
0
url pkg:mozilla/NSS@3.21.0
purl pkg:mozilla/NSS@3.21.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/NSS@3.21.0
aliases CVE-2016-1978
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s692-wjkg-xkfr
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:mozilla/NSS@3.21.0