Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-8y8u-ugyb-r3h8

Summary When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers.

Aliases

alias	CVE-2022-45410

Fixed_packages

Affected_packages

References

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-47

reference_id

mfsa2022-47

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-47

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-48

reference_id

mfsa2022-48

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-48

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-49

reference_id

mfsa2022-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2022-49

Weaknesses

Exploits

Severity_range_score 7.0 - 8.9

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8y8u-ugyb-r3h8

Vulnerability Instance