Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/2249?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2249?format=api", "vulnerability_id": "VCID-mfnv-gyq3-eufj", "summary": "Security researcher Paul Stone reported an attack where an\nHTML page hosted on a Windows share and then loaded could then load Windows\nshortcut files (.lnk) in the same share. These shortcut files could then link to\narbitrary locations on the local file system of the individual loading the HTML\npage. That page could show the contents of these linked files or directories\nfrom the local file system in an iframe, causing information disclosure.\nThis issue could potentially affect Linux machines with samba\nshares enabled.", "aliases": [ { "alias": "CVE-2012-1945" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1045?format=api", "purl": "pkg:mozilla/Firefox@13.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@13.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/1046?format=api", "purl": "pkg:mozilla/Firefox%20ESR@10.0.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@10.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049?format=api", "purl": "pkg:mozilla/SeaMonkey@2.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/1047?format=api", "purl": "pkg:mozilla/Thunderbird@13.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@13.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/1048?format=api", "purl": "pkg:mozilla/Thunderbird%20ESR@10.0.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird%2520ESR@10.0.5" } ], "affected_packages": [], "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1945", "reference_id": "CVE-2012-1945", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1945" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-37", "reference_id": "mfsa2012-37", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-37" } ], "weaknesses": [], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mfnv-gyq3-eufj" }