Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-529a-q5b6-tyg4
Summary
Mozilla developer Boris Zbarsky discovered an issue where
network-level redirects cause an <iframe> sandbox to forget 
its unique origin and behave as if the allow-same-origin keyword 
were applied. This allows the sandboxed content to access other content from 
the same origin without explicit approval. 
In general this flaw cannot be exploited through email in the
Thunderbird product because scripting is disabled, but is potentially a risk in
browser or browser-like contexts.
Aliases
0
alias CVE-2014-1552
Fixed_packages
0
url pkg:mozilla/Firefox@31.0.0
purl pkg:mozilla/Firefox@31.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@31.0.0
1
url pkg:mozilla/Thunderbird@31.0.0
purl pkg:mozilla/Thunderbird@31.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@31.0.0
Affected_packages
References
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1552
reference_id CVE-2014-1552
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1552
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2014-66
reference_id mfsa2014-66
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2014-66
Weaknesses
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-529a-q5b6-tyg4