Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/63709?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63709?format=api", "vulnerability_id": "VCID-g8br-k7np-kqce", "summary": "Mozilla security researcher Christoph Diehl reported two\ncrashes in WebGL code. One crash was the result of an out-of-bounds\nread and could be used to read data from other processes who had\nstored data in the GPU. The severity of this issue was determined to\nbe high. The second crash was the result of an invalid write and could\nbe used to execute arbitrary code. The severity of this issue was\ndetermined to be critical.The WebGL functionality was introduced in the browser engine used\nby Firefox 4 and SeaMonkey 2.1; the vulnerability does not affect earlier versions.", "aliases": [ { "alias": "CVE-2011-2367" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86768?format=api", "purl": "pkg:mozilla/Firefox@5.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@5.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/86771?format=api", "purl": "pkg:mozilla/SeaMonkey@2.2.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.2.0" } ], "affected_packages": [], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2367", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00676", "scoring_system": "epss", "scoring_elements": "0.71551", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00676", "scoring_system": "epss", "scoring_elements": "0.71431", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00676", "scoring_system": "epss", "scoring_elements": "0.71439", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00676", "scoring_system": "epss", "scoring_elements": "0.71456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00676", "scoring_system": "epss", "scoring_elements": "0.7143", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00676", "scoring_system": "epss", "scoring_elements": "0.71471", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00676", "scoring_system": "epss", "scoring_elements": "0.71483", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00676", "scoring_system": "epss", "scoring_elements": "0.71505", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00676", "scoring_system": "epss", "scoring_elements": "0.7149", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00676", "scoring_system": "epss", "scoring_elements": "0.71516", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00676", "scoring_system": "epss", "scoring_elements": "0.71522", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00676", "scoring_system": "epss", "scoring_elements": "0.715", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2367" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2367", "reference_id": "CVE-2011-2367", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2367" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2011-26", "reference_id": "mfsa2011-26", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2011-26" }, { "reference_url": "https://usn.ubuntu.com/1157-1/", "reference_id": "USN-1157-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1157-1/" } ], "weaknesses": [], "exploits": [], "severity_range_score": "9.0 - 10.0", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g8br-k7np-kqce" }