GET

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/2227?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2227?format=api",
    "vulnerability_id": "VCID-gkry-fmfu-93ax",
    "summary": "Security researcher regenrecht reported via\nTippingPoint's Zero Day Initiative an error in Mozilla's\nimplementation of NodeIterator in which a\nmalicious NodeFilter could be created which would detach\nnodes from the DOM tree while it was being traversed.  The use of a\ndetached and subsequently deleted node could result in the execution\nof attacker-controlled memory.",
    "aliases": [
        {
            "alias": "CVE-2010-1209"
        }
    ],
    "fixed_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/973?format=api",
            "purl": "pkg:mozilla/Firefox@3.5.11",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.11"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/972?format=api",
            "purl": "pkg:mozilla/Firefox@3.6.7",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.6.7"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/974?format=api",
            "purl": "pkg:mozilla/SeaMonkey@2.0.6",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.0.6"
        }
    ],
    "affected_packages": [],
    "references": [
        {
            "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1209",
            "reference_id": "CVE-2010-1209",
            "reference_type": "",
            "scores": [],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1209"
        },
        {
            "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-36",
            "reference_id": "mfsa2010-36",
            "reference_type": "",
            "scores": [
                {
                    "value": "critical",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-36"
        }
    ],
    "weaknesses": [],
    "exploits": [],
    "severity_range_score": "9.0 - 10.0",
    "exploitability": null,
    "weighted_severity": null,
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gkry-fmfu-93ax"
}