Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-6c2j-g8zz-33dt

Summary

Fixes for security problems in the JavaScript engine described in 

MFSA 2008-15 (CVE-2008-1237) introduced a stability problem, where some
users experienced crashes during JavaScript garbage collection. This is being
fixed primarily to address stability concerns. We have no demonstration that
this particular crash is exploitable but are issuing this advisory because
some crashes of this type have been shown to be exploitable in the past.This regression was introduced in Firefox 2.0.0.13 and does
not affect any shipping version of Thunderbird. Thunderbird 2.0.0.14 contains
the correct fix for MFSA 2008-15, although as noted in that advisory
Thunderbird users would be vulnerable only if they had enabled JavaScript.

Aliases

alias	CVE-2008-1380

Fixed_packages

url	pkg:ebuild/mail-client/mozilla-thunderbird@2.0.0.14
purl	pkg:ebuild/mail-client/mozilla-thunderbird@2.0.0.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/mozilla-thunderbird@2.0.0.14

url	pkg:ebuild/mail-client/mozilla-thunderbird@2.0.0.16
purl	pkg:ebuild/mail-client/mozilla-thunderbird@2.0.0.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/mozilla-thunderbird@2.0.0.16

url	pkg:ebuild/mail-client/mozilla-thunderbird-bin@2.0.0.14
purl	pkg:ebuild/mail-client/mozilla-thunderbird-bin@2.0.0.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/mozilla-thunderbird-bin@2.0.0.14

url	pkg:ebuild/mail-client/mozilla-thunderbird-bin@2.0.0.16
purl	pkg:ebuild/mail-client/mozilla-thunderbird-bin@2.0.0.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/mozilla-thunderbird-bin@2.0.0.16

url	pkg:ebuild/net-libs/xulrunner@1.1.9
purl	pkg:ebuild/net-libs/xulrunner@1.1.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/xulrunner@1.1.9

url	pkg:ebuild/net-libs/xulrunner@1.1.9-r1
purl	pkg:ebuild/net-libs/xulrunner@1.1.9-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/xulrunner@1.1.9-r1

url	pkg:ebuild/net-libs/xulrunner@1.1.11
purl	pkg:ebuild/net-libs/xulrunner@1.1.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/xulrunner@1.1.11

url	pkg:ebuild/net-libs/xulrunner@1.8.1.14
purl	pkg:ebuild/net-libs/xulrunner@1.8.1.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/xulrunner@1.8.1.14

url	pkg:ebuild/net-libs/xulrunner@1.8.1.16
purl	pkg:ebuild/net-libs/xulrunner@1.8.1.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/xulrunner@1.8.1.16

url	pkg:ebuild/net-libs/xulrunner@2.0.0.14
purl	pkg:ebuild/net-libs/xulrunner@2.0.0.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/xulrunner@2.0.0.14

url	pkg:ebuild/net-libs/xulrunner@2.0.0.16
purl	pkg:ebuild/net-libs/xulrunner@2.0.0.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/xulrunner@2.0.0.16

url	pkg:ebuild/net-libs/xulrunner-bin@1.1.11
purl	pkg:ebuild/net-libs/xulrunner-bin@1.1.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/xulrunner-bin@1.1.11

url	pkg:ebuild/net-libs/xulrunner-bin@1.8.1.16
purl	pkg:ebuild/net-libs/xulrunner-bin@1.8.1.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/xulrunner-bin@1.8.1.16

url	pkg:ebuild/net-libs/xulrunner-bin@2.0.0.16
purl	pkg:ebuild/net-libs/xulrunner-bin@2.0.0.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/net-libs/xulrunner-bin@2.0.0.16

url	pkg:ebuild/www-client/mozilla-firefox@2.0.0.14
purl	pkg:ebuild/www-client/mozilla-firefox@2.0.0.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/mozilla-firefox@2.0.0.14

url	pkg:ebuild/www-client/mozilla-firefox@2.0.0.16
purl	pkg:ebuild/www-client/mozilla-firefox@2.0.0.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/mozilla-firefox@2.0.0.16

url	pkg:ebuild/www-client/mozilla-firefox-bin@2.0.0.14
purl	pkg:ebuild/www-client/mozilla-firefox-bin@2.0.0.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/mozilla-firefox-bin@2.0.0.14

url	pkg:ebuild/www-client/mozilla-firefox-bin@2.0.0.16
purl	pkg:ebuild/www-client/mozilla-firefox-bin@2.0.0.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/mozilla-firefox-bin@2.0.0.16

url	pkg:ebuild/www-client/seamonkey@1.1.9-r1
purl	pkg:ebuild/www-client/seamonkey@1.1.9-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey@1.1.9-r1

url	pkg:ebuild/www-client/seamonkey@1.1.11
purl	pkg:ebuild/www-client/seamonkey@1.1.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey@1.1.11

url	pkg:ebuild/www-client/seamonkey@2.0.0.14
purl	pkg:ebuild/www-client/seamonkey@2.0.0.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey@2.0.0.14

url	pkg:ebuild/www-client/seamonkey@2.0.0.16
purl	pkg:ebuild/www-client/seamonkey@2.0.0.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey@2.0.0.16

url	pkg:ebuild/www-client/seamonkey-bin@1.1.9
purl	pkg:ebuild/www-client/seamonkey-bin@1.1.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey-bin@1.1.9

url	pkg:ebuild/www-client/seamonkey-bin@1.1.9-r1
purl	pkg:ebuild/www-client/seamonkey-bin@1.1.9-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey-bin@1.1.9-r1

url	pkg:ebuild/www-client/seamonkey-bin@1.1.11
purl	pkg:ebuild/www-client/seamonkey-bin@1.1.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey-bin@1.1.11

url	pkg:ebuild/www-client/seamonkey-bin@2.0.0.14
purl	pkg:ebuild/www-client/seamonkey-bin@2.0.0.14
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey-bin@2.0.0.14

url	pkg:ebuild/www-client/seamonkey-bin@2.0.0.16
purl	pkg:ebuild/www-client/seamonkey-bin@2.0.0.16
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey-bin@2.0.0.16

Affected_packages

url pkg:rpm/redhat/firefox@1.5.0.12-0.15?arch=el4

purl pkg:rpm/redhat/firefox@1.5.0.12-0.15?arch=el4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6c2j-g8zz-33dt

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@1.5.0.12-0.15%3Farch=el4

url pkg:rpm/redhat/firefox@1.5.0.12-15?arch=el5_1

purl pkg:rpm/redhat/firefox@1.5.0.12-15?arch=el5_1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6c2j-g8zz-33dt

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@1.5.0.12-15%3Farch=el5_1

url pkg:rpm/redhat/seamonkey@1.0.9-0.15?arch=el2

purl pkg:rpm/redhat/seamonkey@1.0.9-0.15?arch=el2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6c2j-g8zz-33dt

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.9-0.15%3Farch=el2

url pkg:rpm/redhat/seamonkey@1.0.9-0.17?arch=el3

purl pkg:rpm/redhat/seamonkey@1.0.9-0.17?arch=el3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6c2j-g8zz-33dt

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.9-0.17%3Farch=el3

url pkg:rpm/redhat/seamonkey@1.0.9-16?arch=el4

purl pkg:rpm/redhat/seamonkey@1.0.9-16?arch=el4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6c2j-g8zz-33dt

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.9-16%3Farch=el4

url pkg:rpm/redhat/thunderbird@1.5.0.12-11?arch=el4

purl pkg:rpm/redhat/thunderbird@1.5.0.12-11?arch=el4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6c2j-g8zz-33dt

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@1.5.0.12-11%3Farch=el4

url pkg:rpm/redhat/thunderbird@1.5.0.12-12?arch=el5_1

purl pkg:rpm/redhat/thunderbird@1.5.0.12-12?arch=el5_1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6c2j-g8zz-33dt

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@1.5.0.12-12%3Farch=el5_1

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1380.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1380.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-1380

reference_id

reference_type

scores

value	0.17011
scoring_system	epss
scoring_elements	0.95104
published_at	2026-06-04T12:55:00Z

value	0.17011
scoring_system	epss
scoring_elements	0.95112
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-1380

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=440518
reference_id	440518
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=440518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1380
reference_id	CVE-2008-1380
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1380

reference_url	https://security.gentoo.org/glsa/200805-18
reference_id	GLSA-200805-18
reference_type
scores
url	https://security.gentoo.org/glsa/200805-18

reference_url	https://security.gentoo.org/glsa/200808-03
reference_id	GLSA-200808-03
reference_type
scores
url	https://security.gentoo.org/glsa/200808-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2008-20

reference_id

mfsa2008-20

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2008-20

reference_url	https://access.redhat.com/errata/RHSA-2008:0222
reference_id	RHSA-2008:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0222

reference_url	https://access.redhat.com/errata/RHSA-2008:0223
reference_id	RHSA-2008:0223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0223

reference_url	https://access.redhat.com/errata/RHSA-2008:0224
reference_id	RHSA-2008:0224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0224

reference_url	https://usn.ubuntu.com/602-1/
reference_id	USN-602-1
reference_type
scores
url	https://usn.ubuntu.com/602-1/

Weaknesses

Exploits

Severity_range_score 9.0 - 10.0

Exploitability 0.5

Weighted_severity 9.0

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6c2j-g8zz-33dt

Vulnerability Instance