Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/63637?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63637?format=api", "vulnerability_id": "VCID-72te-4wq1-f7gh", "summary": "Firefox for Android includes a Crash Reporter which sends crash data to\nMozilla for analysis. Security researcher Roee Hay reported\nthat third party Android applications could launch the crash reporter with their\nown arguments. Normally applications cannot read the private files of another\napplication, but this vulnerability allowed a malicious application to specify a\nlocal file in the Firefox profile and it to its own server leading to\ninformation disclosure. The crash reporter can also be invoked in a manner\ncausing an immediate crash of Firefox, leading to a potential denial of service\n(DOS) attack.", "aliases": [ { "alias": "CVE-2014-1506" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86735?format=api", "purl": "pkg:mozilla/Firefox@28.0.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@28.0.0" } ], "affected_packages": [], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1506", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81498", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81324", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81333", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81355", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81354", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81382", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81387", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81409", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81397", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81389", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81426", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81427", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81449", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81457", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81461", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81479", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1506", "reference_id": "CVE-2014-1506", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1506" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-24", "reference_id": "mfsa2014-24", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-24" } ], "weaknesses": [], "exploits": [], "severity_range_score": null, "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-72te-4wq1-f7gh" }