Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-pden-es6n-nfey
Summary
Security researcher 3ric Johanson reported in discussions
with Richard Newman and Holt Sorenson that
Verisign's prevention measures for homograph attacks using Internationalized
Domain Names (IDN) were insufficiently rigorous, and this led to a limited
possibility for domain spoofing in Firefox.IDN allows non-English speakers to use domains in their local language. Many
supported characters are similar or identical to others in English, allowing for
the potential spoofing of domain names and for phishing attacks when not
blocked. In consultation with Verisign, Mozilla had added .com, .net, and .name
top-level domains to its IDN whitelist, allowing for IDN use in those top-level
domains without restrictions. However, it became clear that a number of
historical dangerous registrations continued to be valid.This issue has been fixed by removing the .com, .net, and .name top-level
domains from the IDN whitelist, and supplementing the whitelist implementation
with technical restrictions against script-mixing in domain labels. These
restrictions apply to all non-whitelisted top-level domains. More information on
the exact algorithm used can be found here.
Aliases
0
alias CVE-2013-1699
Fixed_packages
0
url pkg:mozilla/Firefox@22.0.0
purl pkg:mozilla/Firefox@22.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@22.0.0
1
url pkg:mozilla/SeaMonkey@2.19.0
purl pkg:mozilla/SeaMonkey@2.19.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.19.0
Affected_packages
References
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1699.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1699.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1699
reference_id
reference_type
scores
0
value 0.00367
scoring_system epss
scoring_elements 0.5878
published_at 2026-05-14T12:55:00Z
1
value 0.00367
scoring_system epss
scoring_elements 0.58565
published_at 2026-04-01T12:55:00Z
2
value 0.00367
scoring_system epss
scoring_elements 0.58681
published_at 2026-05-11T12:55:00Z
3
value 0.00367
scoring_system epss
scoring_elements 0.58709
published_at 2026-05-12T12:55:00Z
4
value 0.00367
scoring_system epss
scoring_elements 0.58649
published_at 2026-04-02T12:55:00Z
5
value 0.00367
scoring_system epss
scoring_elements 0.58669
published_at 2026-04-04T12:55:00Z
6
value 0.00367
scoring_system epss
scoring_elements 0.58636
published_at 2026-04-07T12:55:00Z
7
value 0.00367
scoring_system epss
scoring_elements 0.58688
published_at 2026-04-21T12:55:00Z
8
value 0.00367
scoring_system epss
scoring_elements 0.58694
published_at 2026-04-09T12:55:00Z
9
value 0.00367
scoring_system epss
scoring_elements 0.58711
published_at 2026-04-11T12:55:00Z
10
value 0.00367
scoring_system epss
scoring_elements 0.58693
published_at 2026-04-12T12:55:00Z
11
value 0.00367
scoring_system epss
scoring_elements 0.58673
published_at 2026-04-13T12:55:00Z
12
value 0.00367
scoring_system epss
scoring_elements 0.58706
published_at 2026-04-16T12:55:00Z
13
value 0.00367
scoring_system epss
scoring_elements 0.5871
published_at 2026-04-18T12:55:00Z
14
value 0.00367
scoring_system epss
scoring_elements 0.58656
published_at 2026-04-24T12:55:00Z
15
value 0.00367
scoring_system epss
scoring_elements 0.58671
published_at 2026-04-26T12:55:00Z
16
value 0.00367
scoring_system epss
scoring_elements 0.58655
published_at 2026-04-29T12:55:00Z
17
value 0.00367
scoring_system epss
scoring_elements 0.58623
published_at 2026-05-05T12:55:00Z
18
value 0.00367
scoring_system epss
scoring_elements 0.58667
published_at 2026-05-07T12:55:00Z
19
value 0.00367
scoring_system epss
scoring_elements 0.58725
published_at 2026-05-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1699
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=840882
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=840882
4
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17296
reference_id
reference_type
scores
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17296
5
reference_url http://www.mozilla.org/security/announce/2013/mfsa2013-61.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2013/mfsa2013-61.html
6
reference_url http://www.ubuntu.com/usn/USN-1890-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1890-1
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=977621
reference_id 977621
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=977621
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0.1:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:19.0.2:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:20.0:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:20.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:20.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:20.0.1:*:*:*:*:*:*:*
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1699
reference_id CVE-2013-1699
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1699
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1699
reference_id CVE-2013-1699
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2013-1699
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2013-61
reference_id mfsa2013-61
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2013-61
17
reference_url https://usn.ubuntu.com/1890-1/
reference_id USN-1890-1
reference_type
scores
url https://usn.ubuntu.com/1890-1/
Weaknesses
0
cwe_id 310
name Cryptographic Issues
description Weaknesses in this category are related to the design and implementation of data confidentiality and integrity. Frequently these deal with the use of encoding techniques, encryption libraries, and hashing algorithms. The weaknesses in this category could lead to a degradation of the quality data if they are not addressed.
Exploits
Severity_range_score5.0 - 5.0
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-pden-es6n-nfey