Vulnerability Instance

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88399?format=api",
    "vulnerability_id": "VCID-h33p-qqhj-43gw",
    "summary": "kernel snd_seq_oss_synth_make_info leak",
    "aliases": [
        {
            "alias": "CVE-2008-3272"
        }
    ],
    "fixed_packages": [],
    "affected_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/128893?format=api",
            "purl": "pkg:rpm/redhat/kernel@2.6.9-78.0.8?arch=EL",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-56pn-afy1-p3h6"
                },
                {
                    "vulnerability": "VCID-eqej-217s-5kfk"
                },
                {
                    "vulnerability": "VCID-h33p-qqhj-43gw"
                },
                {
                    "vulnerability": "VCID-hjz4-81cy-w7az"
                },
                {
                    "vulnerability": "VCID-hypr-z432-eqf9"
                },
                {
                    "vulnerability": "VCID-qst8-gdpb-sfct"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.9-78.0.8%3Farch=EL"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/129179?format=api",
            "purl": "pkg:rpm/redhat/kernel@2.6.18-92.1.13?arch=el5",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-9m43-vmzt-a7gk"
                },
                {
                    "vulnerability": "VCID-cf2v-zn7q-b3gd"
                },
                {
                    "vulnerability": "VCID-h33p-qqhj-43gw"
                },
                {
                    "vulnerability": "VCID-hypr-z432-eqf9"
                },
                {
                    "vulnerability": "VCID-z6ux-17xg-gbef"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.18-92.1.13%3Farch=el5"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/128902?format=api",
            "purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-81?arch=el5rt",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-6mam-3efh-b3c5"
                },
                {
                    "vulnerability": "VCID-bkg3-r72y-7ucs"
                },
                {
                    "vulnerability": "VCID-cf2v-zn7q-b3gd"
                },
                {
                    "vulnerability": "VCID-frr7-cvec-w3d2"
                },
                {
                    "vulnerability": "VCID-fyk1-8cwz-bkcr"
                },
                {
                    "vulnerability": "VCID-h33p-qqhj-43gw"
                },
                {
                    "vulnerability": "VCID-nvjg-9rzb-dufu"
                },
                {
                    "vulnerability": "VCID-qcr4-zt18-hfa7"
                },
                {
                    "vulnerability": "VCID-t33f-rngp-qqc3"
                },
                {
                    "vulnerability": "VCID-zrj5-8dq9-dfg8"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel-rt@2.6.24.7-81%3Farch=el5rt"
        }
    ],
    "references": [
        {
            "reference_url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=82e68f7ffec3800425f2391c8c86277606860442",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=82e68f7ffec3800425f2391c8c86277606860442"
        },
        {
            "reference_url": "http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.27-rc2",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.27-rc2"
        },
        {
            "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html"
        },
        {
            "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00001.html",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00001.html"
        },
        {
            "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html"
        },
        {
            "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html"
        },
        {
            "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html"
        },
        {
            "reference_url": "http://rhn.redhat.com/errata/RHSA-2008-0972.html",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://rhn.redhat.com/errata/RHSA-2008-0972.html"
        },
        {
            "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3272.json",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3272.json"
        },
        {
            "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3272",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.19474",
                    "published_at": "2026-04-29T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.19684",
                    "published_at": "2026-04-01T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.19829",
                    "published_at": "2026-04-02T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.19883",
                    "published_at": "2026-04-04T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.1961",
                    "published_at": "2026-04-07T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.1969",
                    "published_at": "2026-04-08T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.19742",
                    "published_at": "2026-04-09T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.19746",
                    "published_at": "2026-04-11T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.19697",
                    "published_at": "2026-04-12T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.19639",
                    "published_at": "2026-04-13T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.19616",
                    "published_at": "2026-04-16T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.19618",
                    "published_at": "2026-04-18T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.19633",
                    "published_at": "2026-04-21T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.19525",
                    "published_at": "2026-04-24T12:55:00Z"
                },
                {
                    "value": "0.00063",
                    "scoring_system": "epss",
                    "scoring_elements": "0.19513",
                    "published_at": "2026-04-26T12:55:00Z"
                }
            ],
            "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3272"
        },
        {
            "reference_url": "http://secunia.com/advisories/31366",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://secunia.com/advisories/31366"
        },
        {
            "reference_url": "http://secunia.com/advisories/31551",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://secunia.com/advisories/31551"
        },
        {
            "reference_url": "http://secunia.com/advisories/31614",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://secunia.com/advisories/31614"
        },
        {
            "reference_url": "http://secunia.com/advisories/31836",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://secunia.com/advisories/31836"
        },
        {
            "reference_url": "http://secunia.com/advisories/31881",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://secunia.com/advisories/31881"
        },
        {
            "reference_url": "http://secunia.com/advisories/32023",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://secunia.com/advisories/32023"
        },
        {
            "reference_url": "http://secunia.com/advisories/32103",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://secunia.com/advisories/32103"
        },
        {
            "reference_url": "http://secunia.com/advisories/32104",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://secunia.com/advisories/32104"
        },
        {
            "reference_url": "http://secunia.com/advisories/32190",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://secunia.com/advisories/32190"
        },
        {
            "reference_url": "http://secunia.com/advisories/32370",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://secunia.com/advisories/32370"
        },
        {
            "reference_url": "http://secunia.com/advisories/32759",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://secunia.com/advisories/32759"
        },
        {
            "reference_url": "http://secunia.com/advisories/32799",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://secunia.com/advisories/32799"
        },
        {
            "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44225",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44225"
        },
        {
            "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11182",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11182"
        },
        {
            "reference_url": "http://www.debian.org/security/2008/dsa-1630",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://www.debian.org/security/2008/dsa-1630"
        },
        {
            "reference_url": "http://www.debian.org/security/2008/dsa-1636",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://www.debian.org/security/2008/dsa-1636"
        },
        {
            "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:220",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:220"
        },
        {
            "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0857.html",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0857.html"
        },
        {
            "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0885.html",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0885.html"
        },
        {
            "reference_url": "http://www.securityfocus.com/bid/30559",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://www.securityfocus.com/bid/30559"
        },
        {
            "reference_url": "http://www.securitytracker.com/id?1020636",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://www.securitytracker.com/id?1020636"
        },
        {
            "reference_url": "http://www.vupen.com/english/advisories/2008/2307",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://www.vupen.com/english/advisories/2008/2307"
        },
        {
            "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=457995",
            "reference_id": "457995",
            "reference_type": "",
            "scores": [],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=457995"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
            "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
            "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.27:-:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:linux:linux_kernel:2.6.27:-:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.27:-:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.27:rc1:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:linux:linux_kernel:2.6.27:rc1:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.27:rc1:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3272",
            "reference_id": "CVE-2008-3272",
            "reference_type": "",
            "scores": [
                {
                    "value": "2.1",
                    "scoring_system": "cvssv2",
                    "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:N/A:N"
                }
            ],
            "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3272"
        },
        {
            "reference_url": "https://access.redhat.com/errata/RHSA-2008:0857",
            "reference_id": "RHSA-2008:0857",
            "reference_type": "",
            "scores": [],
            "url": "https://access.redhat.com/errata/RHSA-2008:0857"
        },
        {
            "reference_url": "https://access.redhat.com/errata/RHSA-2008:0885",
            "reference_id": "RHSA-2008:0885",
            "reference_type": "",
            "scores": [],
            "url": "https://access.redhat.com/errata/RHSA-2008:0885"
        },
        {
            "reference_url": "https://access.redhat.com/errata/RHSA-2008:0972",
            "reference_id": "RHSA-2008:0972",
            "reference_type": "",
            "scores": [],
            "url": "https://access.redhat.com/errata/RHSA-2008:0972"
        },
        {
            "reference_url": "https://usn.ubuntu.com/637-1/",
            "reference_id": "USN-637-1",
            "reference_type": "",
            "scores": [],
            "url": "https://usn.ubuntu.com/637-1/"
        }
    ],
    "weaknesses": [
        {
            "cwe_id": 200,
            "name": "Exposure of Sensitive Information to an Unauthorized Actor",
            "description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information."
        }
    ],
    "exploits": [],
    "severity_range_score": "2.1 - 2.1",
    "exploitability": "0.5",
    "weighted_severity": "1.9",
    "risk_score": 0.9,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h33p-qqhj-43gw"
}