Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/98986?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98986?format=api", "vulnerability_id": "VCID-hgg5-afas-gqem", "summary": "Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5.", "aliases": [ { "alias": "CVE-2010-1634" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/125528?format=api", "purl": "pkg:deb/debian/python2.7@2.7-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/125526?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/190450?format=api", "purl": "pkg:ebuild/dev-lang/python@2.6.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@2.6.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/190451?format=api", "purl": "pkg:ebuild/dev-lang/python@2.7.3-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@2.7.3-r1" }, { "url": "http://public2.vulnerablecode.io/api/packages/190452?format=api", "purl": "pkg:ebuild/dev-lang/python@3.2.5-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.2.5-r1" }, { "url": "http://public2.vulnerablecode.io/api/packages/190453?format=api", "purl": "pkg:ebuild/dev-lang/python@3.3.2-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.3.2-r1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/184105?format=api", "purl": "pkg:rpm/redhat/python@2.3.4-14.10?arch=el4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-425q-pchy-2yfg" }, { "vulnerability": "VCID-hgg5-afas-gqem" }, { "vulnerability": "VCID-nmcu-anmn-nybp" }, { "vulnerability": "VCID-pzy5-zxy9-g7hx" }, { "vulnerability": "VCID-qff9-jcqa-jubc" }, { "vulnerability": "VCID-xqzx-p4gv-kfdw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python@2.3.4-14.10%3Farch=el4" }, { "url": "http://public2.vulnerablecode.io/api/packages/184741?format=api", "purl": "pkg:rpm/redhat/python@2.4.3-43?arch=el5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9qyx-2zhx-5qag" }, { "vulnerability": "VCID-d5nm-cwte-qudf" }, { "vulnerability": "VCID-hgg5-afas-gqem" }, { "vulnerability": "VCID-kz5q-q45c-jub6" }, { "vulnerability": "VCID-pzy5-zxy9-g7hx" }, { "vulnerability": "VCID-ydue-93bt-e7h8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python@2.4.3-43%3Farch=el5" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1634.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1634.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1634", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.7935", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1634" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=590690", "reference_id": "590690", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=590690" }, { "reference_url": "https://security.gentoo.org/glsa/201401-04", "reference_id": "GLSA-201401-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0027", "reference_id": "RHSA-2011:0027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0491", "reference_id": "RHSA-2011:0491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0491" } ], "weaknesses": [ { "cwe_id": 190, "name": "Integer Overflow or Wraparound", "description": "The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control." } ], "exploits": [], "severity_range_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hgg5-afas-gqem" }