Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/1996?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1996?format=api", "vulnerability_id": "VCID-c66d-1g74-jqa6", "summary": "Using the Address Sanitizer tool, security researcher Atte\nKettunen from OUSPG found an out-of-bounds read while rendering GIF\nformat images. This could cause a non-exploitable crash and could also attempt\nto render normally inaccessible data as part of the image.", "aliases": [ { "alias": "CVE-2013-0772" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192470?format=api", "purl": "pkg:ebuild/mail-client/thunderbird@17.0.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@17.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/192474?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@2.21", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@2.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/192475?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@17.0.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@17.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/192471?format=api", "purl": "pkg:ebuild/www-client/firefox@17.0.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@17.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/192476?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@2.21", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@2.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/192477?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@17.0.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@17.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/192472?format=api", "purl": "pkg:ebuild/www-client/seamonkey@2.21", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey@2.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/192473?format=api", "purl": "pkg:ebuild/www-client/seamonkey@17.0.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey@17.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/192478?format=api", "purl": "pkg:ebuild/www-client/seamonkey-bin@2.21", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey-bin@2.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/192479?format=api", "purl": "pkg:ebuild/www-client/seamonkey-bin@17.0.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey-bin@17.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/954?format=api", "purl": "pkg:mozilla/Firefox@19.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@19.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/955?format=api", "purl": "pkg:mozilla/SeaMonkey@2.16.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.16.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/177894?format=api", "purl": "pkg:rpm/redhat/firefox@24.2.0-1?arch=el6_5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4gbc-6zrz-dfb8" }, { "vulnerability": "VCID-5jeg-ytzh-rff7" }, { "vulnerability": "VCID-7n14-qc7w-23f8" }, { "vulnerability": "VCID-bpzv-nc7w-skc1" }, { "vulnerability": "VCID-c66d-1g74-jqa6" }, { "vulnerability": "VCID-qtvy-hphf-w3fg" }, { "vulnerability": "VCID-tzau-6ftq-qfh8" }, { "vulnerability": "VCID-vbnf-8wtz-8be5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@24.2.0-1%3Farch=el6_5" }, { "url": "http://public2.vulnerablecode.io/api/packages/177895?format=api", "purl": "pkg:rpm/redhat/firefox@24.2.0-1?arch=el5_10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4gbc-6zrz-dfb8" }, { "vulnerability": "VCID-5jeg-ytzh-rff7" }, { "vulnerability": "VCID-7n14-qc7w-23f8" }, { "vulnerability": "VCID-bpzv-nc7w-skc1" }, { "vulnerability": "VCID-c66d-1g74-jqa6" }, { "vulnerability": "VCID-qtvy-hphf-w3fg" }, { "vulnerability": "VCID-tzau-6ftq-qfh8" }, { "vulnerability": "VCID-vbnf-8wtz-8be5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@24.2.0-1%3Farch=el5_10" }, { "url": "http://public2.vulnerablecode.io/api/packages/177673?format=api", "purl": "pkg:rpm/redhat/thunderbird@24.2.0-1?arch=el6_5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4gbc-6zrz-dfb8" }, { "vulnerability": "VCID-5jeg-ytzh-rff7" }, { "vulnerability": "VCID-7n14-qc7w-23f8" }, { "vulnerability": "VCID-b1wu-yyef-gfa3" }, { "vulnerability": "VCID-bpzv-nc7w-skc1" }, { "vulnerability": "VCID-c66d-1g74-jqa6" }, { "vulnerability": "VCID-qtvy-hphf-w3fg" }, { "vulnerability": "VCID-tzau-6ftq-qfh8" }, { "vulnerability": "VCID-vbnf-8wtz-8be5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@24.2.0-1%3Farch=el6_5" }, { "url": "http://public2.vulnerablecode.io/api/packages/177674?format=api", "purl": "pkg:rpm/redhat/thunderbird@24.2.0-2?arch=el5_10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4gbc-6zrz-dfb8" }, { "vulnerability": "VCID-5jeg-ytzh-rff7" }, { "vulnerability": "VCID-7n14-qc7w-23f8" }, { "vulnerability": "VCID-b1wu-yyef-gfa3" }, { "vulnerability": "VCID-bpzv-nc7w-skc1" }, { "vulnerability": "VCID-c66d-1g74-jqa6" }, { "vulnerability": "VCID-qtvy-hphf-w3fg" }, { "vulnerability": "VCID-tzau-6ftq-qfh8" }, { "vulnerability": "VCID-vbnf-8wtz-8be5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@24.2.0-2%3Farch=el5_10" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0772.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0772.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0772", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79981", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0772" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=911840", "reference_id": "911840", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=911840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0772", "reference_id": "CVE-2013-0772", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0772" }, { "reference_url": "https://security.gentoo.org/glsa/201309-23", "reference_id": "GLSA-201309-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-23" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-22", "reference_id": "mfsa2013-22", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2013-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1812", "reference_id": "RHSA-2013:1812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1823", "reference_id": "RHSA-2013:1823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1823" } ], "weaknesses": [ { "cwe_id": 125, "name": "Out-of-bounds Read", "description": "The product reads data past the end, or before the beginning, of the intended buffer." } ], "exploits": [], "severity_range_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c66d-1g74-jqa6" }