GET

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/2232?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2232?format=api",
    "vulnerability_id": "VCID-ccxj-6r97-9uac",
    "summary": "Security researcher regenrecht reported via\nTippingPoint's Zero Day Initiative an error in the implementation of\nthe window.navigator.plugins object.  When a page\nreloads, the plugins array would reallocate all of its members without\nchecking for existing references to each member.  This could result in\nthe deletion of objects for which valid pointers still exist.  An\nattacker could use this vulnerability to crash a victim's browser and\nrun arbitrary code on the victim's machine.",
    "aliases": [
        {
            "alias": "CVE-2010-0177"
        }
    ],
    "fixed_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/977?format=api",
            "purl": "pkg:mozilla/Firefox@3.0.19",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.19"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/976?format=api",
            "purl": "pkg:mozilla/Firefox@3.5.9",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.9"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/975?format=api",
            "purl": "pkg:mozilla/Firefox@3.6.2",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.6.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/979?format=api",
            "purl": "pkg:mozilla/SeaMonkey@2.0.4",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.0.4"
        }
    ],
    "affected_packages": [],
    "references": [
        {
            "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0177",
            "reference_id": "CVE-2010-0177",
            "reference_type": "",
            "scores": [],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0177"
        },
        {
            "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-19",
            "reference_id": "mfsa2010-19",
            "reference_type": "",
            "scores": [
                {
                    "value": "critical",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2010-19"
        }
    ],
    "weaknesses": [],
    "exploits": [],
    "severity_range_score": "9.0 - 10.0",
    "exploitability": null,
    "weighted_severity": null,
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ccxj-6r97-9uac"
}