Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/63452?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63452?format=api", "vulnerability_id": "VCID-n9js-dkvj-b3fz", "summary": "A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash.*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 106.", "aliases": [ { "alias": "CVE-2022-46884" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/583094?format=api", "purl": "pkg:deb/debian/firefox@106.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@106.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" } ], "affected_packages": [], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46884", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42439", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42297", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42522", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42583", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43267", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43252", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43313", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43302", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.433", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.4325", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43279", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43216", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46884" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2022-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2022-44/", "reference_id": "mfsa2022-44", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T20:25:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2022-44/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1786818", "reference_id": "show_bug.cgi?id=1786818", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T20:25:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1786818" } ], "weaknesses": [], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n9js-dkvj-b3fz" }