Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/2537?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2537?format=api", "vulnerability_id": "VCID-5e6q-3jug-8bbh", "summary": "Mikolaj Habryn discovered an array index bug in crypto.signText() that\nresults in overflowing an allocated array of pointers by two when optional\nCertificate Authority name arguments are passed in.Thunderbird shares the browser engine with Firefox\nand could be vulnerable if JavaScript were to be enabled in mail. This is not\nthe default setting and we strongly discourage users from running\nJavaScript in mail.", "aliases": [ { "alias": "CVE-2006-2778" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1100?format=api", "purl": "pkg:mozilla/SeaMonkey@1.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.0.2" } ], "affected_packages": [], "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2778", "reference_id": "CVE-2006-2778", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2778" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2006-38", "reference_id": "mfsa2006-38", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2006-38" } ], "weaknesses": [], "exploits": [], "severity_range_score": "9.0 - 10.0", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5e6q-3jug-8bbh" }