Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-n8hk-44ah-bugr
SummaryDue to insufficient escaping of the ampersand character in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.*This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.*
Aliases
0
alias CVE-2025-4084
Fixed_packages
0
url pkg:deb/debian/firefox-esr@0?distro=trixie
purl pkg:deb/debian/firefox-esr@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie
1
url pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
purl pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3a6f-173h-fqbz
2
vulnerability VCID-3kv6-c148-nkhq
3
vulnerability VCID-4e49-6tg2-e7d9
4
vulnerability VCID-59d3-343b-e3aw
5
vulnerability VCID-5dw5-vpt8-zqbz
6
vulnerability VCID-61r1-arbe-dke4
7
vulnerability VCID-7jt2-zr49-7ye5
8
vulnerability VCID-95et-ezmb-buau
9
vulnerability VCID-9ag7-z86d-nba9
10
vulnerability VCID-9nbw-7c9e-13af
11
vulnerability VCID-av7u-3g4m-mugm
12
vulnerability VCID-bwth-uepr-z7a3
13
vulnerability VCID-cjsm-7gxr-8ygw
14
vulnerability VCID-d16s-p141-qbft
15
vulnerability VCID-fxjm-ywug-f3d5
16
vulnerability VCID-hk2m-rbdy-nqhc
17
vulnerability VCID-ma29-qa7e-9qb4
18
vulnerability VCID-nge1-4cvg-zqb2
19
vulnerability VCID-nyum-jpbc-abew
20
vulnerability VCID-p6yz-xs58-u3gm
21
vulnerability VCID-pfmd-zv8f-8bfc
22
vulnerability VCID-pszh-x9gd-xyg4
23
vulnerability VCID-q689-wneh-hbdq
24
vulnerability VCID-q8qp-5szp-mfe8
25
vulnerability VCID-qbzp-euvv-q7c7
26
vulnerability VCID-ruqn-mk9t-57hb
27
vulnerability VCID-tv7r-qf2c-dqbm
28
vulnerability VCID-ufku-v5vq-4yef
29
vulnerability VCID-w98r-yagc-kkec
30
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie
2
url pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie
purl pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3a6f-173h-fqbz
1
vulnerability VCID-4e49-6tg2-e7d9
2
vulnerability VCID-f81v-9fv8-93cd
3
vulnerability VCID-pszh-x9gd-xyg4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie
purl pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3a6f-173h-fqbz
1
vulnerability VCID-4e49-6tg2-e7d9
2
vulnerability VCID-f81v-9fv8-93cd
3
vulnerability VCID-pszh-x9gd-xyg4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie
purl pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-f81v-9fv8-93cd
3
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie
5
url pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie
purl pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-f81v-9fv8-93cd
12
vulnerability VCID-fxjm-ywug-f3d5
13
vulnerability VCID-hk2m-rbdy-nqhc
14
vulnerability VCID-ma29-qa7e-9qb4
15
vulnerability VCID-nge1-4cvg-zqb2
16
vulnerability VCID-nyum-jpbc-abew
17
vulnerability VCID-p6yz-xs58-u3gm
18
vulnerability VCID-pfmd-zv8f-8bfc
19
vulnerability VCID-q689-wneh-hbdq
20
vulnerability VCID-q8qp-5szp-mfe8
21
vulnerability VCID-ruqn-mk9t-57hb
22
vulnerability VCID-tv7r-qf2c-dqbm
23
vulnerability VCID-w98r-yagc-kkec
24
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie
6
url pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie
purl pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1y9d-wx59-fyh2
1
vulnerability VCID-9uk1-zvat-5qc9
2
vulnerability VCID-f81v-9fv8-93cd
3
vulnerability VCID-ndwm-svz7-5uen
4
vulnerability VCID-zkbj-717t-j3hw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie
7
url pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie
purl pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3a6f-173h-fqbz
1
vulnerability VCID-4e49-6tg2-e7d9
2
vulnerability VCID-f81v-9fv8-93cd
3
vulnerability VCID-pszh-x9gd-xyg4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie
8
url pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie
purl pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-f81v-9fv8-93cd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1%3Fdistro=trixie
9
url pkg:deb/debian/thunderbird@0?distro=trixie
purl pkg:deb/debian/thunderbird@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@0%3Fdistro=trixie
10
url pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie
purl pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3a6f-173h-fqbz
2
vulnerability VCID-3kv6-c148-nkhq
3
vulnerability VCID-4e49-6tg2-e7d9
4
vulnerability VCID-59d3-343b-e3aw
5
vulnerability VCID-61r1-arbe-dke4
6
vulnerability VCID-7jt2-zr49-7ye5
7
vulnerability VCID-95et-ezmb-buau
8
vulnerability VCID-9nbw-7c9e-13af
9
vulnerability VCID-av7u-3g4m-mugm
10
vulnerability VCID-bwth-uepr-z7a3
11
vulnerability VCID-cjsm-7gxr-8ygw
12
vulnerability VCID-d16s-p141-qbft
13
vulnerability VCID-fxjm-ywug-f3d5
14
vulnerability VCID-hk2m-rbdy-nqhc
15
vulnerability VCID-ma29-qa7e-9qb4
16
vulnerability VCID-nge1-4cvg-zqb2
17
vulnerability VCID-nyum-jpbc-abew
18
vulnerability VCID-p6yz-xs58-u3gm
19
vulnerability VCID-pfmd-zv8f-8bfc
20
vulnerability VCID-pszh-x9gd-xyg4
21
vulnerability VCID-q689-wneh-hbdq
22
vulnerability VCID-q8qp-5szp-mfe8
23
vulnerability VCID-ruqn-mk9t-57hb
24
vulnerability VCID-tv7r-qf2c-dqbm
25
vulnerability VCID-ufku-v5vq-4yef
26
vulnerability VCID-w98r-yagc-kkec
27
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie
11
url pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3a6f-173h-fqbz
1
vulnerability VCID-4e49-6tg2-e7d9
2
vulnerability VCID-pszh-x9gd-xyg4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie
12
url pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3a6f-173h-fqbz
1
vulnerability VCID-4e49-6tg2-e7d9
2
vulnerability VCID-pszh-x9gd-xyg4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie
13
url pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5dw5-vpt8-zqbz
1
vulnerability VCID-9ag7-z86d-nba9
2
vulnerability VCID-qbzp-euvv-q7c7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie
14
url pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2fqb-r5zb-a7dp
1
vulnerability VCID-3kv6-c148-nkhq
2
vulnerability VCID-59d3-343b-e3aw
3
vulnerability VCID-61r1-arbe-dke4
4
vulnerability VCID-7jt2-zr49-7ye5
5
vulnerability VCID-95et-ezmb-buau
6
vulnerability VCID-9nbw-7c9e-13af
7
vulnerability VCID-av7u-3g4m-mugm
8
vulnerability VCID-bwth-uepr-z7a3
9
vulnerability VCID-cjsm-7gxr-8ygw
10
vulnerability VCID-d16s-p141-qbft
11
vulnerability VCID-fxjm-ywug-f3d5
12
vulnerability VCID-hk2m-rbdy-nqhc
13
vulnerability VCID-ma29-qa7e-9qb4
14
vulnerability VCID-nge1-4cvg-zqb2
15
vulnerability VCID-nyum-jpbc-abew
16
vulnerability VCID-p6yz-xs58-u3gm
17
vulnerability VCID-pfmd-zv8f-8bfc
18
vulnerability VCID-q689-wneh-hbdq
19
vulnerability VCID-q8qp-5szp-mfe8
20
vulnerability VCID-ruqn-mk9t-57hb
21
vulnerability VCID-tv7r-qf2c-dqbm
22
vulnerability VCID-w98r-yagc-kkec
23
vulnerability VCID-z6tm-b352-5uhk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie
15
url pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.10.0esr-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.0esr-1%3Fdistro=trixie
16
url pkg:deb/debian/thunderbird@1:140.10.1esr-1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.10.1esr-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3a6f-173h-fqbz
1
vulnerability VCID-4e49-6tg2-e7d9
2
vulnerability VCID-pszh-x9gd-xyg4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1%3Fdistro=trixie
17
url pkg:deb/debian/thunderbird@1:140.10.2esr-1?distro=trixie
purl pkg:deb/debian/thunderbird@1:140.10.2esr-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.2esr-1%3Fdistro=trixie
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4084.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4084.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-4084
reference_id
reference_type
scores
0
value 0.00283
scoring_system epss
scoring_elements 0.51769
published_at 2026-05-14T12:55:00Z
1
value 0.00283
scoring_system epss
scoring_elements 0.5175
published_at 2026-04-11T12:55:00Z
2
value 0.00283
scoring_system epss
scoring_elements 0.51728
published_at 2026-04-12T12:55:00Z
3
value 0.00283
scoring_system epss
scoring_elements 0.51711
published_at 2026-04-13T12:55:00Z
4
value 0.00283
scoring_system epss
scoring_elements 0.51752
published_at 2026-04-16T12:55:00Z
5
value 0.00283
scoring_system epss
scoring_elements 0.51759
published_at 2026-04-18T12:55:00Z
6
value 0.00283
scoring_system epss
scoring_elements 0.51739
published_at 2026-04-21T12:55:00Z
7
value 0.00283
scoring_system epss
scoring_elements 0.51691
published_at 2026-04-24T12:55:00Z
8
value 0.00283
scoring_system epss
scoring_elements 0.51697
published_at 2026-04-26T12:55:00Z
9
value 0.00283
scoring_system epss
scoring_elements 0.51657
published_at 2026-04-29T12:55:00Z
10
value 0.00283
scoring_system epss
scoring_elements 0.51604
published_at 2026-05-05T12:55:00Z
11
value 0.00283
scoring_system epss
scoring_elements 0.51655
published_at 2026-05-07T12:55:00Z
12
value 0.00283
scoring_system epss
scoring_elements 0.51662
published_at 2026-05-11T12:55:00Z
13
value 0.00283
scoring_system epss
scoring_elements 0.51664
published_at 2026-04-02T12:55:00Z
14
value 0.00283
scoring_system epss
scoring_elements 0.5169
published_at 2026-05-12T12:55:00Z
15
value 0.00283
scoring_system epss
scoring_elements 0.5165
published_at 2026-04-07T12:55:00Z
16
value 0.00283
scoring_system epss
scoring_elements 0.51704
published_at 2026-04-08T12:55:00Z
17
value 0.00283
scoring_system epss
scoring_elements 0.517
published_at 2026-05-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-4084
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2362911
reference_id 2362911
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2362911
4
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1949994%2C1956698%2C1960198
reference_id buglist.cgi?bug_id=1949994%2C1956698%2C1960198
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:30Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1949994%2C1956698%2C1960198
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-29
reference_id mfsa2025-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-29
6
reference_url https://www.mozilla.org/security/advisories/mfsa2025-29/
reference_id mfsa2025-29
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:30Z/
url https://www.mozilla.org/security/advisories/mfsa2025-29/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-30
reference_id mfsa2025-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-30
8
reference_url https://www.mozilla.org/security/advisories/mfsa2025-30/
reference_id mfsa2025-30
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:30Z/
url https://www.mozilla.org/security/advisories/mfsa2025-30/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-32
reference_id mfsa2025-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-32
10
reference_url https://www.mozilla.org/security/advisories/mfsa2025-32/
reference_id mfsa2025-32
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:30Z/
url https://www.mozilla.org/security/advisories/mfsa2025-32/
Weaknesses
0
cwe_id 138
name Improper Neutralization of Special Elements
description The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as control elements or syntactic markers when they are sent to a downstream component.
Exploits
Severity_range_score5.7 - 8.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-n8hk-44ah-bugr