Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/1923?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1923?format=api", "vulnerability_id": "VCID-k1bk-quky-zqar", "summary": "Security researcher Rafay Baloch reported a mechanism to spoof the\naddressbar in Firefox for Android using right-to-left character sets when combined with\nleft-to-right characters. This can be used to cause only certain portions of the loaded\nleft-to-right character portion of the URL to be displayed, misleading users as to what\nsite is loaded, possibly leading to phishing attacks. \nThis vulnerability does not affect the desktop version of Firefox.", "aliases": [ { "alias": "CVE-2016-5267" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/898?format=api", "purl": "pkg:mozilla/Firefox@48.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@48.0.0" } ], "affected_packages": [], "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5267", "reference_id": "CVE-2016-5267", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5267" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-82", "reference_id": "mfsa2016-82", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2016-82" } ], "weaknesses": [], "exploits": [], "severity_range_score": null, "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k1bk-quky-zqar" }