Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/688?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/688?format=api", "vulnerability_id": "VCID-zysf-gywg-qyga", "summary": "A STUN server in conjunction with a large number of webkitRTCPeerConnection objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack.", "aliases": [ { "alias": "CVE-2017-5388" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1900?format=api", "purl": "pkg:alpm/archlinux/firefox@51.0.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-173r-g4tm-tbdk" }, { "vulnerability": "VCID-1jrf-kzc8-87b8" }, { "vulnerability": "VCID-41k8-gnnn-17hp" }, { "vulnerability": "VCID-4gky-p4gv-u7cw" }, { "vulnerability": "VCID-4ncv-bsfh-kufk" }, { "vulnerability": "VCID-53n9-hyzh-yyaz" }, { "vulnerability": "VCID-5ptb-5a8k-27ff" }, { "vulnerability": "VCID-5vdw-pucj-83df" }, { "vulnerability": "VCID-6rhu-j1hm-5yc5" }, { "vulnerability": "VCID-7rvf-ac7d-6fa6" }, { "vulnerability": "VCID-96xh-fdtu-5fh3" }, { "vulnerability": "VCID-9ymk-b2sg-3bfh" }, { "vulnerability": "VCID-d5gv-m4u7-3bfc" }, { "vulnerability": "VCID-ddhr-r6rr-q7ah" }, { "vulnerability": "VCID-e2vh-ny9f-vugv" }, { "vulnerability": "VCID-ez33-vkty-bkcx" }, { "vulnerability": "VCID-hdfp-hcar-hqdj" }, { "vulnerability": "VCID-jc41-75ha-97c9" }, { "vulnerability": "VCID-kxgc-ypqu-9fd9" }, { "vulnerability": "VCID-m2ee-rr9r-u3ge" }, { "vulnerability": "VCID-m4jq-6tmd-p7gh" }, { "vulnerability": "VCID-nv26-s56m-vkdh" }, { "vulnerability": "VCID-rmrk-stbr-tbf7" }, { "vulnerability": "VCID-wx4s-73zs-cfap" }, { "vulnerability": "VCID-xtbe-gv4p-23fn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1914?format=api", "purl": "pkg:alpm/archlinux/firefox@50.1.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11uz-v7pw-v7hw" }, { "vulnerability": "VCID-3am9-1vdf-27gt" }, { "vulnerability": "VCID-442s-jgvp-gfav" }, { "vulnerability": "VCID-52sd-uf2t-wkam" }, { "vulnerability": "VCID-5m57-7cch-v3ga" }, { "vulnerability": "VCID-7h8u-eu8y-1kha" }, { "vulnerability": "VCID-bn6e-q2fz-7fba" }, { "vulnerability": "VCID-d6tp-qmay-tbf6" }, { "vulnerability": "VCID-fhdf-bwes-dkbc" }, { "vulnerability": "VCID-hhp4-mh9x-pkfc" }, { "vulnerability": "VCID-m7n2-1ppv-jfcm" }, { "vulnerability": "VCID-n9bg-836z-abb8" }, { "vulnerability": "VCID-qp5g-hk6b-8qck" }, { "vulnerability": "VCID-t84w-xvmd-sudf" }, { "vulnerability": "VCID-urn6-j25v-pkdz" }, { "vulnerability": "VCID-vz3w-t1uk-ubb7" }, { "vulnerability": "VCID-w6s6-79aa-ubg4" }, { "vulnerability": "VCID-w7y8-j3y5-v3ex" }, { "vulnerability": "VCID-yk3y-5my9-auak" }, { "vulnerability": "VCID-zd5k-c12h-c3ae" }, { "vulnerability": "VCID-zysf-gywg-qyga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@50.1.0-1" } ], "references": [ { "reference_url": "https://security.archlinux.org/ASA-201701-39", "reference_id": "ASA-201701-39", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-39" }, { "reference_url": "https://security.archlinux.org/AVG-157", "reference_id": "AVG-157", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01", "reference_id": "mfsa2017-01", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-01" } ], "weaknesses": [], "exploits": [], "severity_range_score": "9.0 - 10.0", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zysf-gywg-qyga" }