Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/41674?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41674?format=api", "vulnerability_id": "VCID-1ecs-v7qx-wqeg", "summary": "Multiple vulnerabilities were found in Mono, the worst of which\n allowing for the remote execution of arbitrary code.", "aliases": [ { "alias": "CVE-2010-3332" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/75748?format=api", "purl": "pkg:ebuild/dev-lang/mono@2.8.1-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/mono@2.8.1-r1" }, { "url": "http://public2.vulnerablecode.io/api/packages/75749?format=api", "purl": "pkg:ebuild/dev-lang/mono@2.10.2-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/mono@2.10.2-r1" }, { "url": "http://public2.vulnerablecode.io/api/packages/75747?format=api", "purl": "pkg:ebuild/dev-util/mono-debugger@2.8.1-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-util/mono-debugger@2.8.1-r1" } ], "affected_packages": [], "references": [ { "reference_url": "http://blogs.technet.com/b/srd/archive/2010/09/17/understanding-the-asp-net-vulnerability.aspx", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blogs.technet.com/b/srd/archive/2010/09/17/understanding-the-asp-net-vulnerability.aspx" }, { "reference_url": "http://isc.sans.edu/diary.html?storyid=9568", "reference_id": "", "reference_type": "", "scores": [], "url": "http://isc.sans.edu/diary.html?storyid=9568" }, { "reference_url": "http://pentonizer.com/general-programming/aspnet-poet-vulnerability-what-else-can-i-do/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://pentonizer.com/general-programming/aspnet-poet-vulnerability-what-else-can-i-do/" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3332", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.83598", "scoring_system": "epss", "scoring_elements": "0.99292", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.83598", "scoring_system": "epss", "scoring_elements": "0.99286", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.83598", "scoring_system": "epss", "scoring_elements": "0.99287", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.83598", "scoring_system": "epss", "scoring_elements": "0.99288", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.83598", "scoring_system": "epss", "scoring_elements": "0.99289", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.85692", "scoring_system": "epss", "scoring_elements": "0.9937", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.85692", "scoring_system": "epss", "scoring_elements": "0.99376", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.85692", "scoring_system": "epss", "scoring_elements": "0.99371", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.85692", "scoring_system": "epss", "scoring_elements": "0.99372", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.85692", "scoring_system": "epss", "scoring_elements": "0.99374", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.85692", "scoring_system": "epss", "scoring_elements": "0.99375", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3332" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-070", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-070" }, { "reference_url": "http://secunia.com/advisories/41409", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/41409" }, { "reference_url": "http://securitytracker.com/id?1024459", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securitytracker.com/id?1024459" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61898" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12365" }, { "reference_url": "http://threatpost.com/en_us/blogs/new-crypto-attack-affects-millions-aspnet-apps-091310", "reference_id": "", "reference_type": "", "scores": [], "url": "http://threatpost.com/en_us/blogs/new-crypto-attack-affects-millions-aspnet-apps-091310" }, { "reference_url": "http://twitter.com/thaidn/statuses/24832350146", "reference_id": "", "reference_type": "", "scores": [], "url": "http://twitter.com/thaidn/statuses/24832350146" }, { "reference_url": "http://weblogs.asp.net/scottgu/archive/2010/09/18/important-asp-net-security-vulnerability.aspx", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblogs.asp.net/scottgu/archive/2010/09/18/important-asp-net-security-vulnerability.aspx" }, { "reference_url": "http://www.dotnetnuke.com/Community/Blogs/tabid/825/EntryId/2799/Oracle-Padding-Vulnerability-in-ASP-NET.aspx", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.dotnetnuke.com/Community/Blogs/tabid/825/EntryId/2799/Oracle-Padding-Vulnerability-in-ASP-NET.aspx" }, { "reference_url": "http://www.ekoparty.org/juliano-rizzo-2010.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ekoparty.org/juliano-rizzo-2010.php" }, { "reference_url": "http://www.microsoft.com/technet/security/advisory/2416728.mspx", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.microsoft.com/technet/security/advisory/2416728.mspx" }, { "reference_url": "http://www.mono-project.com/Vulnerabilities#ASP.NET_Padding_Oracle", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mono-project.com/Vulnerabilities#ASP.NET_Padding_Oracle" }, { "reference_url": "http://www.securityfocus.com/bid/43316", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/43316" }, { "reference_url": "http://www.theinquirer.net/inquirer/news/1732956/security-researchers-destroy-microsoft-aspnet-security", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.theinquirer.net/inquirer/news/1732956/security-researchers-destroy-microsoft-aspnet-security" }, { "reference_url": "http://www.troyhunt.com/2010/09/fear-uncertainty-and-and-padding-oracle.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.troyhunt.com/2010/09/fear-uncertainty-and-and-padding-oracle.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2429", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/2429" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2751", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/2751" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:internet_information_services:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:internet_information_services:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:internet_information_services:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:.net_framework:3.5:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:.net_framework:4.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3332", "reference_id": "CVE-2010-3332", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3332" }, { "reference_url": "http://blog.mindedsecurity.com/2010/10/breaking-net-encryption-with-or-without.html", "reference_id": "CVE-2010-3332;OSVDB-68127;MS10-070", "reference_type": "exploit", "scores": [], "url": "http://blog.mindedsecurity.com/2010/10/breaking-net-encryption-with-or-without.html" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/asp/remote/15213.pl", "reference_id": "CVE-2010-3332;OSVDB-68127;MS10-070", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/asp/remote/15213.pl" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/asp/remote/15265.rb", "reference_id": "CVE-2010-3332;OSVDB-68127;MS10-070", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/asp/remote/15265.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/15292.rb", "reference_id": "CVE-2010-3332;OSVDB-68127;MS10-070", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/15292.rb" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" } ], "weaknesses": [ { "cwe_id": 209, "name": "Generation of Error Message Containing Sensitive Information", "description": "The product generates an error message that includes sensitive information about its environment, users, or associated data." } ], "exploits": [ { "date_added": "2010-10-20", "description": "Microsoft ASP.NET - Auto-Decryptor File Download (MS10-070)", "required_action": null, "due_date": null, "notes": null, "known_ransomware_campaign_use": true, "source_date_published": "2010-10-20", "exploit_type": "remote", "platform": "windows", "source_date_updated": "2010-10-20", "data_source": "Exploit-DB", "source_url": "" } ], "severity_range_score": "6.4 - 6.4", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ecs-v7qx-wqeg" }