Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/69611?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69611?format=api", "vulnerability_id": "VCID-az2k-jzw4-fuc7", "summary": "An unspecified udev rule in the Debian fuse package in jessie before 2.9.3-15+deb8u2, in stretch before 2.9.5-1, and in sid before 2.9.5-1 sets world-writable permissions for the /dev/cuse character device, which allows local users to gain privileges via a character device in /dev, related to an ioctl.", "aliases": [ { "alias": "CVE-2016-1233" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/513137?format=api", "purl": "pkg:deb/debian/fuse@2.9.3-15%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6b2e-ewue-fqap" }, { "vulnerability": "VCID-az2k-jzw4-fuc7" }, { "vulnerability": "VCID-ute9-2hqz-rfb2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.9.3-15%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/95864?format=api", "purl": "pkg:deb/debian/fuse@2.9.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.9.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/515821?format=api", "purl": "pkg:deb/debian/fuse@2.9.7-1%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6b2e-ewue-fqap" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.9.7-1%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/95858?format=api", "purl": "pkg:deb/debian/fuse@2.9.9-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.9.9-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95856?format=api", "purl": "pkg:deb/debian/fuse@2.9.9-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.9.9-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95859?format=api", "purl": "pkg:deb/debian/fuse@2.9.9-9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.9.9-9%3Fdistro=trixie" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/247588?format=api", "purl": "pkg:deb/debian/fuse@2.2.1-4sarge2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cge-7g28-k7a6" }, { "vulnerability": "VCID-4nq4-5byf-fba3" }, { "vulnerability": "VCID-6b2e-ewue-fqap" }, { "vulnerability": "VCID-a95r-bxba-eubj" }, { "vulnerability": "VCID-az2k-jzw4-fuc7" }, { "vulnerability": "VCID-cmds-kzhu-c7e4" }, { "vulnerability": "VCID-jv12-nxw2-9ya6" }, { "vulnerability": "VCID-mq1j-8ctw-kue6" }, { "vulnerability": "VCID-ute9-2hqz-rfb2" }, { "vulnerability": "VCID-wyxr-d8np-kqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.2.1-4sarge2" }, { "url": "http://public2.vulnerablecode.io/api/packages/247590?format=api", "purl": "pkg:deb/debian/fuse@2.5.3-4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cge-7g28-k7a6" }, { "vulnerability": "VCID-4nq4-5byf-fba3" }, { "vulnerability": "VCID-6b2e-ewue-fqap" }, { "vulnerability": "VCID-a95r-bxba-eubj" }, { "vulnerability": "VCID-az2k-jzw4-fuc7" }, { "vulnerability": "VCID-jv12-nxw2-9ya6" }, { "vulnerability": "VCID-ute9-2hqz-rfb2" }, { "vulnerability": "VCID-wyxr-d8np-kqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.5.3-4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/247591?format=api", "purl": "pkg:deb/debian/fuse@2.5.3-4.4%2Betch1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cge-7g28-k7a6" }, { "vulnerability": "VCID-4nq4-5byf-fba3" }, { "vulnerability": "VCID-6b2e-ewue-fqap" }, { "vulnerability": "VCID-a95r-bxba-eubj" }, { "vulnerability": "VCID-az2k-jzw4-fuc7" }, { "vulnerability": "VCID-jv12-nxw2-9ya6" }, { "vulnerability": "VCID-ute9-2hqz-rfb2" }, { "vulnerability": "VCID-wyxr-d8np-kqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.5.3-4.4%252Betch1" }, { "url": "http://public2.vulnerablecode.io/api/packages/247592?format=api", "purl": "pkg:deb/debian/fuse@2.7.4-1.1%2Blenny1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4cge-7g28-k7a6" }, { "vulnerability": "VCID-4nq4-5byf-fba3" }, { "vulnerability": "VCID-6b2e-ewue-fqap" }, { "vulnerability": "VCID-a95r-bxba-eubj" }, { "vulnerability": "VCID-az2k-jzw4-fuc7" }, { "vulnerability": "VCID-jv12-nxw2-9ya6" }, { "vulnerability": "VCID-ute9-2hqz-rfb2" }, { "vulnerability": "VCID-wyxr-d8np-kqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.7.4-1.1%252Blenny1" }, { "url": "http://public2.vulnerablecode.io/api/packages/247593?format=api", "purl": "pkg:deb/debian/fuse@2.8.4-1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nq4-5byf-fba3" }, { "vulnerability": "VCID-6b2e-ewue-fqap" }, { "vulnerability": "VCID-a95r-bxba-eubj" }, { "vulnerability": "VCID-az2k-jzw4-fuc7" }, { "vulnerability": "VCID-jv12-nxw2-9ya6" }, { "vulnerability": "VCID-ute9-2hqz-rfb2" }, { "vulnerability": "VCID-wyxr-d8np-kqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.8.4-1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/247594?format=api", "purl": "pkg:deb/debian/fuse@2.8.4-1.1%2Bdeb6u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4nq4-5byf-fba3" }, { "vulnerability": "VCID-6b2e-ewue-fqap" }, { "vulnerability": "VCID-a95r-bxba-eubj" }, { "vulnerability": "VCID-az2k-jzw4-fuc7" }, { "vulnerability": "VCID-jv12-nxw2-9ya6" }, { "vulnerability": "VCID-ute9-2hqz-rfb2" }, { "vulnerability": "VCID-wyxr-d8np-kqcm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.8.4-1.1%252Bdeb6u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/247595?format=api", "purl": "pkg:deb/debian/fuse@2.9.0-2%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6b2e-ewue-fqap" }, { "vulnerability": "VCID-az2k-jzw4-fuc7" }, { "vulnerability": "VCID-ute9-2hqz-rfb2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.9.0-2%252Bdeb7u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/513136?format=api", "purl": "pkg:deb/debian/fuse@2.9.3-15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6b2e-ewue-fqap" }, { "vulnerability": "VCID-az2k-jzw4-fuc7" }, { "vulnerability": "VCID-ute9-2hqz-rfb2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.9.3-15" }, { "url": "http://public2.vulnerablecode.io/api/packages/513137?format=api", "purl": "pkg:deb/debian/fuse@2.9.3-15%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6b2e-ewue-fqap" }, { "vulnerability": "VCID-az2k-jzw4-fuc7" }, { "vulnerability": "VCID-ute9-2hqz-rfb2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/fuse@2.9.3-15%252Bdeb8u2" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1233.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1233.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1233", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.28967", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29037", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29003", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.28968", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1233" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1233", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1233" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:S/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301011", "reference_id": "1301011", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301011" } ], "weaknesses": [ { "cwe_id": 732, "name": "Incorrect Permission Assignment for Critical Resource", "description": "The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors." } ], "exploits": [], "severity_range_score": "6.0 - 6.0", "exploitability": "0.5", "weighted_severity": "3.0", "risk_score": 1.5, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-az2k-jzw4-fuc7" }