Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/113793?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113793?format=api", "vulnerability_id": "VCID-k3s2-nx4h-1qbd", "summary": "flash-plugin: multiple code execution flaws (APSB15-04)", "aliases": [ { "alias": "CVE-2015-0318" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/191654?format=api", "purl": "pkg:ebuild/www-plugins/adobe-flash@11.2.202.442", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-plugins/adobe-flash@11.2.202.442" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/173783?format=api", "purl": "pkg:rpm/redhat/flash-plugin@11.2.202.442-1?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2duj-79jp-ukc3" }, { "vulnerability": "VCID-2ja5-k81n-augg" }, { "vulnerability": "VCID-3a1u-s3v4-pbf9" }, { "vulnerability": "VCID-3y2r-eyua-mygq" }, { "vulnerability": "VCID-66jm-jpvn-sqc5" }, { "vulnerability": "VCID-agye-dxc8-aff9" }, { "vulnerability": "VCID-g2pr-1pkd-wbhd" }, { "vulnerability": "VCID-k3s2-nx4h-1qbd" }, { "vulnerability": "VCID-kbsk-9s39-xkd9" }, { "vulnerability": "VCID-kkys-t873-ayg4" }, { "vulnerability": "VCID-nay6-7fbe-a3ck" }, { "vulnerability": "VCID-nrrg-3ssx-77cs" }, { "vulnerability": "VCID-qc2d-qfk4-bycq" }, { "vulnerability": "VCID-uhxq-k77r-3ugp" }, { "vulnerability": "VCID-vknj-xp6w-vffp" }, { "vulnerability": "VCID-xcc1-9457-2kd4" }, { "vulnerability": "VCID-z19v-wzpm-4qdq" }, { "vulnerability": "VCID-zaes-de7a-57b8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@11.2.202.442-1%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/173784?format=api", "purl": "pkg:rpm/redhat/flash-plugin@11.2.202.442-1?arch=el5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2duj-79jp-ukc3" }, { "vulnerability": "VCID-2ja5-k81n-augg" }, { "vulnerability": "VCID-3a1u-s3v4-pbf9" }, { "vulnerability": "VCID-3y2r-eyua-mygq" }, { "vulnerability": "VCID-66jm-jpvn-sqc5" }, { "vulnerability": "VCID-agye-dxc8-aff9" }, { "vulnerability": "VCID-g2pr-1pkd-wbhd" }, { "vulnerability": "VCID-k3s2-nx4h-1qbd" }, { "vulnerability": "VCID-kbsk-9s39-xkd9" }, { "vulnerability": "VCID-kkys-t873-ayg4" }, { "vulnerability": "VCID-nay6-7fbe-a3ck" }, { "vulnerability": "VCID-nrrg-3ssx-77cs" }, { "vulnerability": "VCID-qc2d-qfk4-bycq" }, { "vulnerability": "VCID-uhxq-k77r-3ugp" }, { "vulnerability": "VCID-vknj-xp6w-vffp" }, { "vulnerability": "VCID-xcc1-9457-2kd4" }, { "vulnerability": "VCID-z19v-wzpm-4qdq" }, { "vulnerability": "VCID-zaes-de7a-57b8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@11.2.202.442-1%3Farch=el5" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0318.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0318.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0318", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.89185", "scoring_system": "epss", "scoring_elements": "0.99552", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0318" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190068", "reference_id": "1190068", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1190068" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/36420.rb", "reference_id": "CVE-2015-0318;OSVDB-117972", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/36420.rb" }, { "reference_url": "https://security.gentoo.org/glsa/201502-02", "reference_id": "GLSA-201502-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0140", "reference_id": "RHSA-2015:0140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0140" } ], "weaknesses": [], "exploits": [ { "date_added": null, "description": "This module exploits a vulnerability found in Adobe Flash Player. A compilation logic error\n in the PCRE engine, specifically in the handling of the \\c escape sequence when followed by\n a multi-byte UTF8 character, allows arbitrary execution of PCRE bytecode.", "required_action": null, "due_date": null, "notes": "Reliability:\n - unknown-reliability\nStability:\n - unknown-stability\nSideEffects:\n - unknown-side-effects\n", "known_ransomware_campaign_use": false, "source_date_published": "2014-11-25", "exploit_type": null, "platform": "Windows", "source_date_updated": null, "data_source": "Metasploit", "source_url": "https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/browser/adobe_flash_pcre.rb" }, { "date_added": "2015-03-17", "description": "Adobe Flash Player - PCRE Regex (Metasploit)", "required_action": null, "due_date": null, "notes": null, "known_ransomware_campaign_use": true, "source_date_published": "2015-03-17", "exploit_type": "remote", "platform": "windows", "source_date_updated": "2015-03-17", "data_source": "Exploit-DB", "source_url": "" } ], "severity_range_score": null, "exploitability": "2.0", "weighted_severity": "0.8", "risk_score": 1.6, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k3s2-nx4h-1qbd" }