GET

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/2458?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2458?format=api",
    "vulnerability_id": "VCID-by8v-e1uc-kubb",
    "summary": "Security researcher Liu Die Yu of\nTopsecTianRongXin reported that locally saved .url shortcut files\ncould be used to read information stored in the local cache.  An\nattacker could use this vulnerability to steal information from a\nvictim's browser cache if they were able to get the victim to download\ntwo separate files, a .url shortcut and a HTML file.  Given the\nrelative complexity of this attack, the severity of the issue was\ndetermined to be moderate.",
    "aliases": [
        {
            "alias": "CVE-2008-4582"
        }
    ],
    "fixed_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/1088?format=api",
            "purl": "pkg:mozilla/Firefox@3.0.4",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.4"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/1089?format=api",
            "purl": "pkg:mozilla/SeaMonkey@1.1.13",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.1.13"
        }
    ],
    "affected_packages": [],
    "references": [
        {
            "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4582",
            "reference_id": "CVE-2008-4582",
            "reference_type": "",
            "scores": [],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4582"
        },
        {
            "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-47",
            "reference_id": "mfsa2008-47",
            "reference_type": "",
            "scores": [
                {
                    "value": "none",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-47"
        }
    ],
    "weaknesses": [],
    "exploits": [],
    "severity_range_score": null,
    "exploitability": null,
    "weighted_severity": null,
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-by8v-e1uc-kubb"
}