Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-8xz8-qent-zkav

Summary

Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.

Aliases

alias	CVE-2016-5260

Fixed_packages

url	pkg:deb/debian/firefox@48.0-1?distro=sid
purl	pkg:deb/debian/firefox@48.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@48.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0.3-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.3-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid

url	pkg:deb/debian/firefox-esr@0?distro=trixie
purl	pkg:deb/debian/firefox-esr@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

purl pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3a6f-173h-fqbz

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-4e49-6tg2-e7d9

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-pszh-x9gd-xyg4

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-qbzp-euvv-q7c7

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-ufku-v5vq-4yef

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3a6f-173h-fqbz

vulnerability	VCID-4e49-6tg2-e7d9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-pszh-x9gd-xyg4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3a6f-173h-fqbz

vulnerability	VCID-4e49-6tg2-e7d9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-pszh-x9gd-xyg4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-qbzp-euvv-q7c7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y9d-wx59-fyh2

vulnerability	VCID-9uk1-zvat-5qc9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-ndwm-svz7-5uen

vulnerability	VCID-zkbj-717t-j3hw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3a6f-173h-fqbz

vulnerability	VCID-4e49-6tg2-e7d9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-pszh-x9gd-xyg4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1%3Fdistro=trixie

url	pkg:ebuild/mail-client/thunderbird@45.6.0
purl	pkg:ebuild/mail-client/thunderbird@45.6.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@45.6.0

url	pkg:ebuild/mail-client/thunderbird-bin@45.6.0
purl	pkg:ebuild/mail-client/thunderbird-bin@45.6.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@45.6.0

url	pkg:ebuild/www-client/firefox@45.6.0
purl	pkg:ebuild/www-client/firefox@45.6.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@45.6.0

url	pkg:ebuild/www-client/firefox-bin@45.6.0
purl	pkg:ebuild/www-client/firefox-bin@45.6.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@45.6.0

url	pkg:mozilla/Firefox@48.0.0
purl	pkg:mozilla/Firefox@48.0.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@48.0.0

Affected_packages

References

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5260.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5260.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-5260

reference_id

reference_type

scores

value	0.00605
scoring_system	epss
scoring_elements	0.69546
published_at	2026-04-01T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69806
published_at	2026-05-14T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.6976
published_at	2026-05-09T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.6973
published_at	2026-05-11T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69756
published_at	2026-05-12T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69558
published_at	2026-04-02T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69574
published_at	2026-04-04T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69553
published_at	2026-04-07T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69604
published_at	2026-04-08T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.6962
published_at	2026-04-09T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69643
published_at	2026-04-11T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69628
published_at	2026-04-12T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69614
published_at	2026-04-13T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69653
published_at	2026-04-16T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69662
published_at	2026-04-18T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69644
published_at	2026-04-21T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69696
published_at	2026-04-24T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69705
published_at	2026-04-26T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.6971
published_at	2026-04-29T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69685
published_at	2026-05-05T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69729
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-5260

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1280294
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1280294

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-74.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-74.html

reference_url	http://www.securityfocus.com/bid/92260
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/92260

reference_url	http://www.securitytracker.com/id/1036508
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036508

reference_url	http://www.ubuntu.com/usn/USN-3044-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3044-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1361985
reference_id	1361985
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1361985

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5260
reference_id	CVE-2016-5260
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5260

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-5260

reference_id

CVE-2016-5260

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-5260

reference_url	https://security.gentoo.org/glsa/201701-15
reference_id	GLSA-201701-15
reference_type
scores
url	https://security.gentoo.org/glsa/201701-15

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-74

reference_id

mfsa2016-74

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-74

reference_url	https://usn.ubuntu.com/3044-1/
reference_id	USN-3044-1
reference_type
scores
url	https://usn.ubuntu.com/3044-1/

Weaknesses

cwe_id	200
name	Exposure of Sensitive Information to an Unauthorized Actor
description	The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Exploits

Severity_range_score 4.3 - 6.5

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8xz8-qent-zkav

Vulnerability Instance