Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/88777?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88777?format=api", "vulnerability_id": "VCID-3kqr-tasz-u3cq", "summary": "kernel listxattr syscall can corrupt user space programs", "aliases": [ { "alias": "CVE-2006-5753" } ], "fixed_packages": [], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/129943?format=api", "purl": "pkg:rpm/redhat/kernel@2.6.9-42.0.8?arch=EL", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3kqr-tasz-u3cq" }, { "vulnerability": "VCID-73qu-9enf-gbej" }, { "vulnerability": "VCID-9kfg-t3ym-dbfh" }, { "vulnerability": "VCID-9q8w-uane-gyh2" }, { "vulnerability": "VCID-aq86-jxkp-wbfe" }, { "vulnerability": "VCID-d91v-h4jm-bffj" }, { "vulnerability": "VCID-e1x9-pf3a-1uby" }, { "vulnerability": "VCID-e5fn-tpz2-pbfd" }, { "vulnerability": "VCID-epw9-8ew1-xyh9" }, { "vulnerability": "VCID-hwt2-263n-8ffg" }, { "vulnerability": "VCID-hzyy-pqbp-5yga" }, { "vulnerability": "VCID-q7rz-jbh9-3qef" }, { "vulnerability": "VCID-rrxg-9nr8-cqev" }, { "vulnerability": "VCID-s3db-8cbn-a3bs" }, { "vulnerability": "VCID-xms5-ba1y-yfca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.9-42.0.8%3Farch=EL" } ], "references": [ { "reference_url": "http://fedoranews.org/cms/node/2739", "reference_id": "", "reference_type": "", "scores": [], "url": "http://fedoranews.org/cms/node/2739" }, { "reference_url": "http://fedoranews.org/cms/node/2740", "reference_id": "", "reference_type": "", "scores": [], "url": "http://fedoranews.org/cms/node/2740" }, { "reference_url": "http://lkml.org/lkml/2007/1/3/150", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lkml.org/lkml/2007/1/3/150" }, { "reference_url": "http://osvdb.org/33020", "reference_id": "", "reference_type": "", "scores": [], "url": "http://osvdb.org/33020" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5753.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5753.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-5753", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24585", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.247", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24472", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24542", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24587", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24603", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.2456", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24506", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24662", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30079", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29824", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29758", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.2994", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30056", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.3001", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-5753" }, { "reference_url": "http://secunia.com/advisories/23955", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/23955" }, { "reference_url": "http://secunia.com/advisories/23997", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/23997" }, { "reference_url": "http://secunia.com/advisories/24098", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24098" }, { "reference_url": "http://secunia.com/advisories/24100", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24100" }, { "reference_url": "http://secunia.com/advisories/24206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24206" }, { "reference_url": "http://secunia.com/advisories/24400", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24400" }, { "reference_url": "http://secunia.com/advisories/24429", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24429" }, { "reference_url": "http://secunia.com/advisories/24482", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24482" }, { "reference_url": "http://secunia.com/advisories/24547", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24547" }, { "reference_url": "http://secunia.com/advisories/25226", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25226" }, { "reference_url": "http://secunia.com/advisories/25683", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25683" }, { "reference_url": "http://secunia.com/advisories/25691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25691" }, { "reference_url": "http://secunia.com/advisories/25714", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25714" }, { "reference_url": "http://secunia.com/advisories/29058", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/29058" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1106", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1106" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9371" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-063.htm" }, { "reference_url": "http://www.debian.org/security/2007/dsa-1304", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2007/dsa-1304" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1503", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1503" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:040", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:040" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:060", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:060" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_18_kernel.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_18_kernel.html" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_21_kernel.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_21_kernel.html" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_30_kernel.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_30_kernel.html" }, { "reference_url": "http://www.novell.com/linux/security/advisories/2007_35_kernel.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/linux/security/advisories/2007_35_kernel.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0014.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/471457", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/471457" }, { "reference_url": "http://www.securityfocus.com/bid/22316", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/22316" }, { "reference_url": "http://www.ubuntu.com/usn/usn-416-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-416-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=306891", "reference_id": "306891", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=306891" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2006-5753", "reference_id": "CVE-2006-5753", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0014", "reference_id": "RHSA-2007:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0014" }, { "reference_url": "https://usn.ubuntu.com/416-1/", "reference_id": "USN-416-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/416-1/" } ], "weaknesses": [ { "cwe_id": 681, "name": "Incorrect Conversion between Numeric Types", "description": "When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur." }, { "cwe_id": 119, "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "description": "The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer." } ], "exploits": [], "severity_range_score": "7.2 - 7.2", "exploitability": "0.5", "weighted_severity": "6.5", "risk_score": 3.2, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3kqr-tasz-u3cq" }