Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/2886?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2886?format=api", "vulnerability_id": "VCID-q6wy-vbkn-5ybk", "summary": "Mozilla developers identified and fixed several memory safety bugs\nin the browser engine used in Firefox and other Mozilla-based\nproducts. Some of these bugs showed evidence of memory corruption\nunder certain circumstances, and we presume that with enough effort at\nleast some of these could be exploited to run arbitrary code.In general these flaws cannot be exploited through email in the Thunderbird\nand SeaMonkey products because scripting is disabled,, but are potentially a risk\nin browser or browser-like contexts in those products.", "aliases": [ { "alias": "CVE-2011-2995" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1186?format=api", "purl": "pkg:mozilla/Firefox@3.6.23", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.6.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/1082?format=api", "purl": "pkg:mozilla/Firefox@7.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@7.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/1084?format=api", "purl": "pkg:mozilla/SeaMonkey@2.4.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/1208?format=api", "purl": "pkg:mozilla/Thunderbird@3.1.15", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@3.1.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/1083?format=api", "purl": "pkg:mozilla/Thunderbird@7.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@7.0.0" } ], "affected_packages": [], "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2995", "reference_id": "CVE-2011-2995", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2995" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2011-36", "reference_id": "mfsa2011-36", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2011-36" } ], "weaknesses": [], "exploits": [], "severity_range_score": "9.0 - 10.0", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q6wy-vbkn-5ybk" }