Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1209?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1209?format=api", "purl": "pkg:mozilla/Firefox@6.0.0", "type": "mozilla", "namespace": "", "name": "Firefox", "version": "6.0.0", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "7.0.0", "latest_non_vulnerable_version": "151.0.0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2814?format=api", "vulnerability_id": "VCID-4cqm-66bu-2qfr", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2989", "reference_id": "cve-2011-2989", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2989" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2011-29", "reference_id": "mfsa2011-29", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2011-29" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2011-31", "reference_id": "mfsa2011-31", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2011-31" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2011-33", "reference_id": "mfsa2011-33", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2011-33" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1209?format=api", "purl": "pkg:mozilla/Firefox@6.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@6.0.0" } ], "aliases": [ "cve-2011-2989" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4cqm-66bu-2qfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2903?format=api", "vulnerability_id": "VCID-5am8-72dc-8yer", "summary": "Mozilla developer Boris Zbarsky reported that a frame\nnamed \"location\" could shadow the window.location object unless a\nscript in a page grabbed a reference to the true object before the frame\nwas created. Because some plugins use the value of window.location to determine\nthe page origin this could fool the plugin into granting the plugin content\naccess to another site or the local file system in violation of the Same Origin\nPolicy. This flaw allows circumvention of the fix added for\nMFSA 2010-10.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2999", "reference_id": "CVE-2011-2999", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2999" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2011-38", "reference_id": "mfsa2011-38", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2011-38" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1186?format=api", "purl": "pkg:mozilla/Firefox@3.6.23", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.6.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/1209?format=api", "purl": "pkg:mozilla/Firefox@6.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@6.0.0" } ], "aliases": [ "CVE-2011-2999" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5am8-72dc-8yer" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@6.0.0" }