GET

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/62819?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62819?format=api",
    "vulnerability_id": "VCID-rff5-96dg-qqgp",
    "summary": "On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to the sandbox. *Note: this issue only affects Linux. Other operating systems are not affected.*",
    "aliases": [
        {
            "alias": "CVE-2017-5426"
        }
    ],
    "fixed_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/371575?format=api",
            "purl": "pkg:alpm/archlinux/firefox@52.0-1",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@52.0-1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/583594?format=api",
            "purl": "pkg:deb/debian/firefox@52.0-1?distro=sid",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@52.0-1%3Fdistro=sid"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api",
            "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api",
            "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api",
            "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api",
            "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api",
            "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/1112518?format=api",
            "purl": "pkg:deb/debian/firefox@150.0.3-1?distro=sid",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.3-1%3Fdistro=sid"
        }
    ],
    "affected_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/371574?format=api",
            "purl": "pkg:alpm/archlinux/firefox@51.0.1-1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-22xt-tnu1-gyhu"
                },
                {
                    "vulnerability": "VCID-3dy5-4e6w-3kgt"
                },
                {
                    "vulnerability": "VCID-3ehk-593t-abcp"
                },
                {
                    "vulnerability": "VCID-3nup-1513-ybaq"
                },
                {
                    "vulnerability": "VCID-3tww-nhmh-gua6"
                },
                {
                    "vulnerability": "VCID-667g-8khd-kkhm"
                },
                {
                    "vulnerability": "VCID-6b9m-3w58-qydd"
                },
                {
                    "vulnerability": "VCID-6m1t-sn26-fbaf"
                },
                {
                    "vulnerability": "VCID-6wce-w5a8-2qet"
                },
                {
                    "vulnerability": "VCID-6wy1-juan-8ua8"
                },
                {
                    "vulnerability": "VCID-dxr7-qubc-tyb7"
                },
                {
                    "vulnerability": "VCID-ecmf-7x8a-jugv"
                },
                {
                    "vulnerability": "VCID-erx8-1tfq-kyce"
                },
                {
                    "vulnerability": "VCID-gshc-3brh-c3dr"
                },
                {
                    "vulnerability": "VCID-jwze-7mfw-r3ax"
                },
                {
                    "vulnerability": "VCID-npyt-d8qr-wqdj"
                },
                {
                    "vulnerability": "VCID-qdc5-1z7p-zqar"
                },
                {
                    "vulnerability": "VCID-r8en-yg26-w3a1"
                },
                {
                    "vulnerability": "VCID-re3h-pcpx-puhe"
                },
                {
                    "vulnerability": "VCID-rff5-96dg-qqgp"
                },
                {
                    "vulnerability": "VCID-ssxw-2rbk-cyfe"
                },
                {
                    "vulnerability": "VCID-t4bj-qz9s-s7eb"
                },
                {
                    "vulnerability": "VCID-w67x-2qg8-v7gv"
                },
                {
                    "vulnerability": "VCID-w7g1-ub97-gqdd"
                },
                {
                    "vulnerability": "VCID-zpz5-xyxk-4fby"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@51.0.1-1"
        }
    ],
    "references": [
        {
            "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5426",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53739",
                    "published_at": "2026-05-14T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53628",
                    "published_at": "2026-04-29T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.5358",
                    "published_at": "2026-05-05T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53627",
                    "published_at": "2026-05-07T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53678",
                    "published_at": "2026-05-09T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53641",
                    "published_at": "2026-05-11T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53667",
                    "published_at": "2026-05-12T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53578",
                    "published_at": "2026-04-01T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53602",
                    "published_at": "2026-04-02T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.5363",
                    "published_at": "2026-04-04T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53599",
                    "published_at": "2026-04-07T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.5365",
                    "published_at": "2026-04-24T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53648",
                    "published_at": "2026-04-09T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53697",
                    "published_at": "2026-04-11T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53681",
                    "published_at": "2026-04-12T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53664",
                    "published_at": "2026-04-13T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53701",
                    "published_at": "2026-04-16T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53706",
                    "published_at": "2026-04-18T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53688",
                    "published_at": "2026-04-21T12:55:00Z"
                },
                {
                    "value": "0.00304",
                    "scoring_system": "epss",
                    "scoring_elements": "0.53663",
                    "published_at": "2026-04-26T12:55:00Z"
                }
            ],
            "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5426"
        },
        {
            "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1257361",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1257361"
        },
        {
            "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "5.1",
                    "scoring_system": "cvssv2",
                    "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P"
                }
            ],
            "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
        },
        {
            "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-05/",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://www.mozilla.org/security/advisories/mfsa2017-05/"
        },
        {
            "reference_url": "https://www.mozilla.org/security/advisories/mfsa2017-09/",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://www.mozilla.org/security/advisories/mfsa2017-09/"
        },
        {
            "reference_url": "http://www.securityfocus.com/bid/96694",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://www.securityfocus.com/bid/96694"
        },
        {
            "reference_url": "http://www.securitytracker.com/id/1037966",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://www.securitytracker.com/id/1037966"
        },
        {
            "reference_url": "https://security.archlinux.org/ASA-201703-3",
            "reference_id": "ASA-201703-3",
            "reference_type": "",
            "scores": [],
            "url": "https://security.archlinux.org/ASA-201703-3"
        },
        {
            "reference_url": "https://security.archlinux.org/AVG-194",
            "reference_id": "AVG-194",
            "reference_type": "",
            "scores": [
                {
                    "value": "Critical",
                    "scoring_system": "archlinux",
                    "scoring_elements": ""
                }
            ],
            "url": "https://security.archlinux.org/AVG-194"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5426",
            "reference_id": "CVE-2017-5426",
            "reference_type": "",
            "scores": [
                {
                    "value": "5.0",
                    "scoring_system": "cvssv2",
                    "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N"
                },
                {
                    "value": "5.3",
                    "scoring_system": "cvssv3",
                    "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
                }
            ],
            "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5426"
        },
        {
            "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05",
            "reference_id": "mfsa2017-05",
            "reference_type": "",
            "scores": [
                {
                    "value": "critical",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-05"
        },
        {
            "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09",
            "reference_id": "mfsa2017-09",
            "reference_type": "",
            "scores": [
                {
                    "value": "critical",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-09"
        },
        {
            "reference_url": "https://usn.ubuntu.com/3216-1/",
            "reference_id": "USN-3216-1",
            "reference_type": "",
            "scores": [],
            "url": "https://usn.ubuntu.com/3216-1/"
        }
    ],
    "weaknesses": [
        {
            "cwe_id": 732,
            "name": "Incorrect Permission Assignment for Critical Resource",
            "description": "The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors."
        }
    ],
    "exploits": [],
    "severity_range_score": "5.0 - 10.0",
    "exploitability": "0.5",
    "weighted_severity": "9.0",
    "risk_score": 4.5,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rff5-96dg-qqgp"
}