Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-t79e-kk94-wbb3
Summary
Security researcher Abhishek Arya (Inferno) of the Google
Chrome Security Team and Mozilla security developer Gary Kwong
used the Address Sanitizer tool to discover a double-free error when sending a
zero-length XmlHttpRequest (XHR). This was due to errors in memory allocation
when using different memory allocator libraries than jemalloc used
by Mozilla builds. When those other memory allocators are used for build
compilation, this could cause a potentially exploitable crash during some XHR
actions.
This vulnerability does not happen in Firefox as built by
Mozilla, but can occur when Firefox is built using a memory allocator that
follows older pre-standard behaviors.
Aliases
0
alias CVE-2015-0828
Fixed_packages
0
url pkg:mozilla/Firefox@36.0.0
purl pkg:mozilla/Firefox@36.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@36.0.0
1
url pkg:mozilla/SeaMonkey@2.33.0
purl pkg:mozilla/SeaMonkey@2.33.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.33.0
Affected_packages
References
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0828
reference_id CVE-2015-0828
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0828
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2015-18
reference_id mfsa2015-18
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2015-18
Weaknesses
Exploits
Severity_range_score7.0 - 8.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-t79e-kk94-wbb3