Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/1883?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1883?format=api", "vulnerability_id": "VCID-277z-av5y-8fdh", "summary": "Security researcher Ronald Crane reported a race condition in\nGetStaticInstance in WebRTC which results in a use-after-free. This could\nresult in a potentially exploitable crash. This issue was found through code inspection\nand does not have clear mechanism to be exploited through web content but is vulnerable if\na mechanism can be found to trigger it.", "aliases": [ { "alias": "CVE-2016-1973" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/890?format=api", "purl": "pkg:mozilla/Firefox@45.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@45.0.0" } ], "affected_packages": [], "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1973", "reference_id": "CVE-2016-1973", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1973" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-33", "reference_id": "mfsa2016-33", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-33" } ], "weaknesses": [], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-277z-av5y-8fdh" }