Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/918?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "type": "mozilla", "namespace": "", "name": "Firefox", "version": "26.0.0", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "27.0.0", "latest_non_vulnerable_version": "151.0.0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1976?format=api", "vulnerability_id": "VCID-1gwj-fujy-tyg5", "summary": "Mozilla developer Eric Faust reported that during JavaScript compilation GetElementIC typed array stubs can be generated outside observed typesets. This could lead to unpredictable behavior with a potential security impact.\nIn general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5615", "reference_id": "CVE-2013-5615", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5615" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-115", "reference_id": "mfsa2013-115", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-115" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" } ], "aliases": [ "CVE-2013-5615" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1gwj-fujy-tyg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2116?format=api", "vulnerability_id": "VCID-1zrj-s8vv-mbhf", "summary": "Mozilla community member Vincent Lefevre reported that on\nLinux systems, web content can access data saved to the clipboard when a user\nattempts to paste a selection with a middle-click instead of pasting the\nselection content. This allows for possibly private data in the clipboard to be\ninadvertently disclosed to web content. Windows and OS X systems are not\naffected by this issue.\nIn general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6672", "reference_id": "CVE-2013-6672", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6672" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-112", "reference_id": "mfsa2013-112", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-112" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" } ], "aliases": [ "CVE-2013-6672" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1zrj-s8vv-mbhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2125?format=api", "vulnerability_id": "VCID-3mxa-3mgv-kfeb", "summary": "Mozilla developer Myk Melez reported that with specifically\ntimed page navigation, the doorhanger notification for Web App installation\ncould persist from one site to another without being dismissed by the\nnavigation. This could be used by a malicious site to trick a user into\ninstalling an application from one site while making it appear to come from\nanother.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5611", "reference_id": "CVE-2013-5611", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5611" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-105", "reference_id": "mfsa2013-105", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-105" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" } ], "aliases": [ "CVE-2013-5611" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3mxa-3mgv-kfeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2074?format=api", "vulnerability_id": "VCID-4gbc-6zrz-dfb8", "summary": "Mozilla security developer Daniel Veditz discovered that\n<iframe sandbox> restrictions are not applied to an\n<object> element contained within a sandboxed iframe. This\ncould allow content hosted within a sandboxed iframe to use\n<object> element to bypass the sandbox restrictions that\nshould be applied.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5614", "reference_id": "CVE-2013-5614", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5614" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-107", "reference_id": "mfsa2013-107", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-107" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" } ], "aliases": [ "CVE-2013-5614" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4gbc-6zrz-dfb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2058?format=api", "vulnerability_id": "VCID-5jeg-ytzh-rff7", "summary": "Security researchers Tyson Smith and Jesse\nSchwartzentruber of the BlackBerry Security Automated Analysis Team\nused the Address Sanitizer tool while fuzzing to discover a user-after-free in\nthe functions for synthetic mouse movement handling. Security researcher\nAtte Kettunen from OUSPG also reported a variant of the same\nflaw. This issue leads to a potentially exploitable crash.\nIn general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5613", "reference_id": "CVE-2013-5613", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5613" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-114", "reference_id": "mfsa2013-114", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-114" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" } ], "aliases": [ "CVE-2013-5613" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5jeg-ytzh-rff7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2064?format=api", "vulnerability_id": "VCID-7n14-qc7w-23f8", "summary": "Security researchers Tyson Smith and Jesse\nSchwartzentruber of the BlackBerry Security Automated Analysis Team\nused the Address Sanitizer tool while fuzzing to discover a mechanism where\ninserting an ordered list into a document through script could lead to a\npotentially exploitable crash that can be triggered by web content. \nIn general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6671", "reference_id": "CVE-2013-6671", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6671" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-111", "reference_id": "mfsa2013-111", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-111" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" } ], "aliases": [ "CVE-2013-6671" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7n14-qc7w-23f8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2090?format=api", "vulnerability_id": "VCID-8rsd-tr7r-1qcq", "summary": "Firefox user Sijie Xia reported that if a user\nexplicitly removes the trust for extended validation (EV) capable root\ncertificates in the certificate manager, the change is not properly used when\nvalidating EV certificates, causing the setting to be ignored. This removes the\nability of users to explicitly untrust root certificates from specific\ncertificate authorities.\nThis flaw does not affect certificates that are not extended\nvalidation certificates. All other certificate validation checks do occur, the\nerror is the assumption that if Mozilla trusted the certificate, the user would\nalso.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6673", "reference_id": "CVE-2013-6673", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6673" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-113", "reference_id": "mfsa2013-113", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-113" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" } ], "aliases": [ "CVE-2013-6673" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8rsd-tr7r-1qcq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2129?format=api", "vulnerability_id": "VCID-bpzv-nc7w-skc1", "summary": "Security researcher Nils used the Address Sanitizer tool\nwhile fuzzing to discover a use-after-free problem in the table editing user\ninterface of the editor during garbage collection. This leads to a potentially\nexploitable crash.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5618", "reference_id": "CVE-2013-5618", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5618" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-109", "reference_id": "mfsa2013-109", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-109" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" } ], "aliases": [ "CVE-2013-5618" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bpzv-nc7w-skc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2002?format=api", "vulnerability_id": "VCID-qtvy-hphf-w3fg", "summary": "Mozilla developers identified and fixed several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these\nbugs showed evidence of memory corruption under certain circumstances, and we\npresume that with enough effort at least some of these could be exploited to run\narbitrary code.In general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5609", "reference_id": "CVE-2013-5609", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5609" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-104", "reference_id": "mfsa2013-104", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-104" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" } ], "aliases": [ "CVE-2013-5609" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtvy-hphf-w3fg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2070?format=api", "vulnerability_id": "VCID-tzau-6ftq-qfh8", "summary": "Security researcher Masato Kinugawa discovered that if a web\npage is missing character set encoding information it can inherit character\nencodings across navigations into another domain from an earlier site. Only\nsame-origin inheritance is allowed according to the HTML5 specification. This\nissue allows an attacker to add content that will be interpreted one way on the\nvictim site, but which may then behave differently, evading cross-site scripting\n(XSS) filtering, when forced into an unexpected character set. Web site authors\nshould always explicitly declare a character encoding to avoid similar issues.\nIn general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5612", "reference_id": "CVE-2013-5612", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5612" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-106", "reference_id": "mfsa2013-106", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-106" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" } ], "aliases": [ "CVE-2013-5612" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tzau-6ftq-qfh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2030?format=api", "vulnerability_id": "VCID-uzeg-99ht-a7df", "summary": "Compiler Engineer Dan Gohman of Google reported that binary\nsearch algorithms in the SpiderMonkey JavaScript engine were prone to overflow\nin several places, leading to potential out-of-bounds array access. While none\nof these are known to be directly exploitable, they are unsafe in theory and\nhave been changed as part of general security improvements. \nIn general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5619", "reference_id": "CVE-2013-5619", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5619" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-110", "reference_id": "mfsa2013-110", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-110" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" } ], "aliases": [ "CVE-2013-5619" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uzeg-99ht-a7df" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2121?format=api", "vulnerability_id": "VCID-vbnf-8wtz-8be5", "summary": "Security researchers Tyson Smith and Jesse\nSchwartzentruber of the BlackBerry Security Automated Analysis Team\nused the Address Sanitizer tool while fuzzing to discover a user-after-free when\ninteracting with event listeners from the mListeners array. This\nleads to a potentially exploitable crash.\nIn general these flaws cannot be exploited through email in the\nThunderbird and Seamonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5616", "reference_id": "CVE-2013-5616", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5616" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-108", "reference_id": "mfsa2013-108", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-108" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" } ], "aliases": [ "CVE-2013-5616" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vbnf-8wtz-8be5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1979?format=api", "vulnerability_id": "VCID-ztn7-zwzj-f7dv", "summary": "Google security researcher Michal Zalewski reported issues\nwith JPEG format image processing with Start Of Scan (SOS) and Define Huffman\nTable (DHT) markers in the libjpeg library. This could allow for the possible\nreading of arbitrary memory content as well as cross-domain image theft.", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2931", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2931" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0429" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0446" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0451" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0453" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0455" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0457" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0458" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0459" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0461" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2403", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2403" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2412" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2413", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2413" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2423" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629", "reference_id": "CVE-2013-6629", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6629" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-116", "reference_id": "mfsa2013-116", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-116" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/918?format=api", "purl": "pkg:mozilla/Firefox@26.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" } ], "aliases": [ "CVE-2013-6629" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ztn7-zwzj-f7dv" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0" }