GET

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/37799?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37799?format=api",
    "vulnerability_id": "VCID-gz48-kqak-rqc5",
    "summary": "A allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to deny valid TLS traffic via consuming all allotted connections.",
    "aliases": [
        {
            "alias": "CVE-2024-46667"
        }
    ],
    "fixed_packages": [],
    "affected_packages": [],
    "references": [
        {
            "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46667",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "0.00638",
                    "scoring_system": "epss",
                    "scoring_elements": "0.70996",
                    "published_at": "2026-06-11T12:55:00Z"
                },
                {
                    "value": "0.00638",
                    "scoring_system": "epss",
                    "scoring_elements": "0.71087",
                    "published_at": "2026-06-12T12:55:00Z"
                },
                {
                    "value": "0.00638",
                    "scoring_system": "epss",
                    "scoring_elements": "0.71099",
                    "published_at": "2026-06-13T12:55:00Z"
                },
                {
                    "value": "0.00638",
                    "scoring_system": "epss",
                    "scoring_elements": "0.71098",
                    "published_at": "2026-06-14T12:55:00Z"
                }
            ],
            "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-46667"
        },
        {
            "reference_url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-164",
            "reference_id": "FG-IR-24-164",
            "reference_type": "",
            "scores": [
                {
                    "value": "6.9",
                    "scoring_system": "cvssv3.1",
                    "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:W/RC:C"
                },
                {
                    "value": "Track",
                    "scoring_system": "ssvc",
                    "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T14:27:09Z/"
                }
            ],
            "url": "https://fortiguard.fortinet.com/psirt/FG-IR-24-164"
        }
    ],
    "weaknesses": [
        {
            "cwe_id": 770,
            "name": "Allocation of Resources Without Limits or Throttling",
            "description": "The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor."
        }
    ],
    "exploits": [],
    "severity_range_score": "6.9 - 6.9",
    "exploitability": null,
    "weighted_severity": null,
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gz48-kqak-rqc5"
}