Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-n4a2-kntd-sug6
Summary
Mozilla security researcher moz_bug_r_a4 reported that frame
scripts bypass XPConnect security checks when calling untrusted objects. This
allows for cross-site scripting (XSS) attacks through web pages and Firefox
extensions. The fix enables the Script Security Manager (SSM) to force security
checks on all frame scripts.
Firefox 3.6 and Thunderbird 3.1 are not affected by this
vulnerability.
Aliases
0
alias CVE-2012-0446
Fixed_packages
0
url pkg:mozilla/Firefox@10.0.0
purl pkg:mozilla/Firefox@10.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@10.0.0
1
url pkg:mozilla/SeaMonkey@2.7.0
purl pkg:mozilla/SeaMonkey@2.7.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.7.0
2
url pkg:mozilla/Thunderbird@10.0.0
purl pkg:mozilla/Thunderbird@10.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@10.0.0
Affected_packages
References
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0446
reference_id CVE-2012-0446
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0446
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2012-05
reference_id mfsa2012-05
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2012-05
Weaknesses
Exploits
Severity_range_score9.0 - 10.0
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-n4a2-kntd-sug6