Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/63622?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63622?format=api", "vulnerability_id": "VCID-pp1a-v6rw-a3g3", "summary": "Security researcher Jukka Jylänki reported a crash in\nthe the Cairo graphics library. This happens when Cairo paints out-of-bounds to\nthe destination buffer in the compositing function when working with canvas in\ncertain circumstances. This issue allows malicious web content to cause a\npotentially exploitable crash.\nThis issue only affects Firefox 28 and Seamonkey 2.25 on\nWindows. Earlier versions of both products and installations on Linux and OS X\nwere unaffected", "aliases": [ { "alias": "CVE-2014-1528" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86727?format=api", "purl": "pkg:mozilla/Firefox@29.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@29.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/86730?format=api", "purl": "pkg:mozilla/Seamonkey@2.26.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Seamonkey@2.26.0" } ], "affected_packages": [], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1528.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1528.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1528", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79602", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79365", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79372", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79394", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79381", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79408", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79417", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79441", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79424", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79413", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79444", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79443", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79447", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.7948", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79486", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79501", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79516", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79536", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79554", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79551", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0126", "scoring_system": "epss", "scoring_elements": "0.79567", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1528" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1096585", "reference_id": "1096585", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1096585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1528", "reference_id": "CVE-2014-1528", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1528" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-41", "reference_id": "mfsa2014-41", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-41" }, { "reference_url": "https://usn.ubuntu.com/2185-1/", "reference_id": "USN-2185-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2185-1/" } ], "weaknesses": [ { "cwe_id": 787, "name": "Out-of-bounds Write", "description": "The product writes data past the end, or before the beginning, of the intended buffer." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pp1a-v6rw-a3g3" }