Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/firefox-esr@115.9.1esr-1~deb11u1?distro=trixie

Type deb

Namespace debian

Name firefox-esr

Version 115.9.1esr-1~deb11u1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 115.9.1esr-1~deb12u1

Latest_non_vulnerable_version 140.10.2esr-1~deb13u1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-58mr-4qat-sfet

vulnerability_id VCID-58mr-4qat-sfet

summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29944.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29944.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-29944

reference_id

reference_type

scores

value	0.01405
scoring_system	epss
scoring_elements	0.80608
published_at	2026-05-12T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80478
published_at	2026-04-11T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80464
published_at	2026-04-12T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80457
published_at	2026-04-13T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80486
published_at	2026-04-16T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80487
published_at	2026-04-18T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80489
published_at	2026-04-21T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80515
published_at	2026-04-24T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80519
published_at	2026-04-26T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80536
published_at	2026-04-29T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80554
published_at	2026-05-05T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80577
published_at	2026-05-07T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80596
published_at	2026-05-09T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80591
published_at	2026-05-11T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.8041
published_at	2026-04-02T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80432
published_at	2026-04-04T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.80421
published_at	2026-04-07T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.8045
published_at	2026-04-08T12:55:00Z

value	0.01405
scoring_system	epss
scoring_elements	0.8046
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-29944

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29944
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29944

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

http://www.openwall.com/lists/oss-security/2024/03/23/1

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-04T04:00:16Z/

url

http://www.openwall.com/lists/oss-security/2024/03/23/1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067523
reference_id	1067523
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067523

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2271064
reference_id	2271064
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2271064

reference_url	https://security.gentoo.org/glsa/202407-22
reference_id	GLSA-202407-22
reference_type
scores
url	https://security.gentoo.org/glsa/202407-22

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-15

reference_id

mfsa2024-15

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-15

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-15/

reference_id

mfsa2024-15

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-04T04:00:16Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-15/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-16

reference_id

mfsa2024-16

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-16

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-16/

reference_id

mfsa2024-16

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-04T04:00:16Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-16/

reference_url

https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html

reference_id

msg00028.html

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-04T04:00:16Z/

url

https://lists.debian.org/debian-lts-announce/2024/03/msg00028.html

reference_url	https://access.redhat.com/errata/RHSA-2024:1483
reference_id	RHSA-2024:1483
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1483

reference_url	https://access.redhat.com/errata/RHSA-2024:1484
reference_id	RHSA-2024:1484
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1484

reference_url	https://access.redhat.com/errata/RHSA-2024:1485
reference_id	RHSA-2024:1485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1485

reference_url	https://access.redhat.com/errata/RHSA-2024:1486
reference_id	RHSA-2024:1486
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1486

reference_url	https://access.redhat.com/errata/RHSA-2024:1487
reference_id	RHSA-2024:1487
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1487

reference_url	https://access.redhat.com/errata/RHSA-2024:1488
reference_id	RHSA-2024:1488
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1488

reference_url	https://access.redhat.com/errata/RHSA-2024:1489
reference_id	RHSA-2024:1489
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1489

reference_url	https://access.redhat.com/errata/RHSA-2024:1490
reference_id	RHSA-2024:1490
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1490

reference_url	https://access.redhat.com/errata/RHSA-2024:1491
reference_id	RHSA-2024:1491
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1491

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1886852

reference_id

show_bug.cgi?id=1886852

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-04T04:00:16Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1886852

reference_url	https://usn.ubuntu.com/6710-1/
reference_id	USN-6710-1
reference_type
scores
url	https://usn.ubuntu.com/6710-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@115.9.1esr-1~deb11u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@115.9.1esr-1~deb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.9.1esr-1~deb11u1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@115.9.1esr-1~deb12u1?distro=trixie
purl	pkg:deb/debian/firefox-esr@115.9.1esr-1~deb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.9.1esr-1~deb12u1%3Fdistro=trixie

url	pkg:deb/debian/firefox-esr@115.9.1esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@115.9.1esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.9.1esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

purl pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3a6f-173h-fqbz

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-4e49-6tg2-e7d9

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-pszh-x9gd-xyg4

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-qbzp-euvv-q7c7

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-ufku-v5vq-4yef

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3a6f-173h-fqbz

vulnerability	VCID-4e49-6tg2-e7d9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-pszh-x9gd-xyg4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3a6f-173h-fqbz

vulnerability	VCID-4e49-6tg2-e7d9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-pszh-x9gd-xyg4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-qbzp-euvv-q7c7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y9d-wx59-fyh2

vulnerability	VCID-9uk1-zvat-5qc9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-ndwm-svz7-5uen

vulnerability	VCID-zkbj-717t-j3hw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3a6f-173h-fqbz

vulnerability	VCID-4e49-6tg2-e7d9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-pszh-x9gd-xyg4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1%3Fdistro=trixie

aliases CVE-2024-29944

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-58mr-4qat-sfet

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.9.1esr-1~deb11u1%3Fdistro=trixie

Package Instance