Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-q3kb-75tq-a7dt

Summary

Priit Laes reported a crash due to a heap buffer overflow triggered
by a JavaScript regular expression containing
a minimal quantifier. We presume this could be exploited to run
arbitrary code.CanadianGuy, Girts Folkmanis and Catalin Patulea report that a regular
expression that ends with a backslash inside an unterminated
character set (e.g. "[\\") will cause the regular expression engine
to read beyond the end of the buffer, possibly leading to a crash.Thunderbird shares the browser engine with Firefox
and could be vulnerable if JavaScript were to be enabled in mail. This is not
the default setting and we strongly discourage users from enabling
JavaScript in mail.

Aliases

alias	CVE-2006-4565

Fixed_packages

url	pkg:mozilla/SeaMonkey@1.0.5
purl	pkg:mozilla/SeaMonkey@1.0.5
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.0.5

Affected_packages

References

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4565
reference_id	CVE-2006-4565
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4565

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2006-57

reference_id

mfsa2006-57

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2006-57

Weaknesses

Exploits

Severity_range_score 9.0 - 10.0

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q3kb-75tq-a7dt

Vulnerability Instance