Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-mm4x-8rtx-9yd2
Summary
Mozilla developer Jan de Mooij reported an issue that
affects web content that relies on the Caja Compiler for
protection, or other similar sandboxing libraries. He found that some JavaScript
objects marked as non-extensible within Caja and Secure EcmaScript could be made
extensible again, bypassing the Caja sandboxing security measures, when the
JavaScript code should not be allowed to run.
Firefox users are not directly impacted by this issue. This
issue affects code running in Caja within loaded web content that should run
within its protections.
Aliases
0
alias CVE-2015-0820
Fixed_packages
0
url pkg:mozilla/Firefox@36.0.0
purl pkg:mozilla/Firefox@36.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@36.0.0
1
url pkg:mozilla/SeaMonkey@2.33.0
purl pkg:mozilla/SeaMonkey@2.33.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.33.0
Affected_packages
References
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0820
reference_id CVE-2015-0820
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0820
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2015-27
reference_id mfsa2015-27
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2015-27
Weaknesses
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-mm4x-8rtx-9yd2