Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/532?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/532?format=api", "vulnerability_id": "VCID-1jrf-kzc8-87b8", "summary": "An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns.", "aliases": [ { "alias": "CVE-2017-5418" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1901?format=api", "purl": "pkg:alpm/archlinux/firefox@52.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1900?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-173r-g4tm-tbdk" }, { "vulnerability": "VCID-1jrf-kzc8-87b8" }, { "vulnerability": "VCID-41k8-gnnn-17hp" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5ptb-5a8k-27ff" }, { "vulnerability": "VCID-5vdw-pucj-83df" }, { "vulnerability": "VCID-6rhu-j1hm-5yc5" }, { "vulnerability": "VCID-7rvf-ac7d-6fa6" }, { "vulnerability": "VCID-96xh-fdtu-5fh3" }, { "vulnerability": "VCID-9ymk-b2sg-3bfh" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddhr-r6rr-q7ah" }, { "vulnerability": "VCID-e2vh-ny9f-vugv" }, { "vulnerability": "VCID-ez33-vkty-bkcx" }, { "vulnerability": "VCID-hdfp-hcar-hqdj" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-kxgc-ypqu-9fd9" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m4jq-6tmd-p7gh" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-rmrk-stbr-tbf7" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "references": [ { "reference_url": "https://security.archlinux.org/ASA-201703-3", "reference_id": "ASA-201703-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201703-3" }, { "reference_url": "https://security.archlinux.org/AVG-194", "reference_id": "AVG-194", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-194" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05", "reference_id": "mfsa2017-05", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09", "reference_id": "mfsa2017-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09" } ], "weaknesses": [], "exploits": [], "severity_range_score": "9.0 - 10.0", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1jrf-kzc8-87b8" }