Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/2220?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2220?format=api", "vulnerability_id": "VCID-5bux-q44x-mfak", "summary": "Security researcher J23 reported via\nTippingPoint's Zero Day Initiative that an array class used to store\nCSS values contained an integer overflow vulnerability. The 16 bit\ninteger value used in allocating the size of the array could overflow,\nresulting in too small a memory buffer being created. When the array\nwas later populated with CSS values data would be written past the end\nof the buffer potentially resulting in the execution of\nattacker-controlled memory.", "aliases": [ { "alias": "CVE-2010-2752" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/973?format=api", "purl": "pkg:mozilla/Firefox@3.5.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/972?format=api", "purl": "pkg:mozilla/Firefox@3.6.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.6.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/974?format=api", "purl": "pkg:mozilla/SeaMonkey@2.0.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/996?format=api", "purl": "pkg:mozilla/Thunderbird@3.0.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@3.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/980?format=api", "purl": "pkg:mozilla/Thunderbird@3.1.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@3.1.1" } ], "affected_packages": [], "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2752", "reference_id": "CVE-2010-2752", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2752" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-39", "reference_id": "mfsa2010-39", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-39" } ], "weaknesses": [], "exploits": [], "severity_range_score": "9.0 - 10.0", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5bux-q44x-mfak" }