Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/1994?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1994?format=api", "vulnerability_id": "VCID-88s5-md25-fbfg", "summary": "Security researcher Seb Patane reported an issue with the\nMozilla Maintenance Service on Windows. This issue allows unprivileged users to\nlocal privilege escalation through the system privileges used by the service\nwhen interacting with local malicious software. This allows the user to bypass\nintegrity checks leading to local privilege escalation. Local file system access\nis necessary in order for this issue to be exploitable and it cannot be\ntriggered through web content.", "aliases": [ { "alias": "CVE-2013-1672" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/922?format=api", "purl": "pkg:mozilla/Firefox@21.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@21.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/923?format=api", "purl": "pkg:mozilla/Firefox%20ESR@17.0.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@17.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/924?format=api", "purl": "pkg:mozilla/Thunderbird@17.0.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@17.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/925?format=api", "purl": "pkg:mozilla/Thunderbird%20ESR@17.0.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird%2520ESR@17.0.6" } ], "affected_packages": [], "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1672", "reference_id": "CVE-2013-1672", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1672" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-44", "reference_id": "mfsa2013-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-44" } ], "weaknesses": [], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88s5-md25-fbfg" }