Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/86830?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86830?format=api", "vulnerability_id": "VCID-wuvg-4ef2-xbdu", "summary": "7: bypass of the security level setting in browser plugin (Deployment, SE-2012-01 Issue 53)", "aliases": [ { "alias": "CVE-2013-1489" } ], "fixed_packages": [], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/124830?format=api", "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1:1.7.0.13-1jpp.1?arch=el5_9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15qm-fyc8-f3da" }, { "vulnerability": "VCID-2g73-94ue-wbac" }, { "vulnerability": "VCID-3ehy-szsm-qqcd" }, { "vulnerability": "VCID-3gv3-fegj-1qb4" }, { "vulnerability": "VCID-4hus-uqjr-1kag" }, { "vulnerability": "VCID-7dwd-t56z-nyga" }, { "vulnerability": "VCID-9b24-nsw7-yyfx" }, { "vulnerability": "VCID-ands-9hzf-1qgk" }, { "vulnerability": "VCID-eav9-k1cf-8uaq" }, { "vulnerability": "VCID-gagr-4wpm-uye5" }, { "vulnerability": "VCID-hb7c-tfkx-sfec" }, { "vulnerability": "VCID-j6nz-htn7-ubbr" }, { "vulnerability": "VCID-j9z8-5zpv-8bhy" }, { "vulnerability": "VCID-jpam-uapv-tfch" }, { "vulnerability": "VCID-jsar-ckqj-67ew" }, { "vulnerability": "VCID-jt92-wb33-k3bs" }, { "vulnerability": "VCID-k22n-2xpj-augm" }, { "vulnerability": "VCID-mym5-f9ns-t3cn" }, { "vulnerability": "VCID-prza-8x9q-nfhc" }, { "vulnerability": "VCID-qb3m-qxb4-vydk" }, { "vulnerability": "VCID-rp28-xxta-67gr" }, { "vulnerability": "VCID-skq8-j6yq-1bgq" }, { "vulnerability": "VCID-t42f-1uff-buer" }, { "vulnerability": "VCID-t6qx-k3n7-a7en" }, { "vulnerability": "VCID-t7b6-9vnd-6be1" }, { "vulnerability": "VCID-tkuc-9da4-vqdk" }, { "vulnerability": "VCID-tn8p-wsmb-93h7" }, { "vulnerability": "VCID-tr2q-ye8m-8ke7" }, { "vulnerability": "VCID-trqz-42v7-3ues" }, { "vulnerability": "VCID-tu9y-6vmr-k3ft" }, { "vulnerability": "VCID-uaur-z1tw-v7gk" }, { "vulnerability": "VCID-ut7m-y9d5-y7h1" }, { "vulnerability": "VCID-w2fp-p4vj-q3ar" }, { "vulnerability": "VCID-wfkg-16pe-wba2" }, { "vulnerability": "VCID-wuvg-4ef2-xbdu" }, { "vulnerability": "VCID-xjxt-uybu-27dt" }, { "vulnerability": "VCID-zncv-7rwk-nket" }, { "vulnerability": "VCID-zxe5-nrnq-e7fz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.7.0-oracle@1:1.7.0.13-1jpp.1%3Farch=el5_9" }, { "url": "http://public2.vulnerablecode.io/api/packages/124833?format=api", "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1:1.7.0.13-1jpp.3?arch=el6_3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15qm-fyc8-f3da" }, { "vulnerability": "VCID-2g73-94ue-wbac" }, { "vulnerability": "VCID-3ehy-szsm-qqcd" }, { "vulnerability": "VCID-3gv3-fegj-1qb4" }, { "vulnerability": "VCID-4hus-uqjr-1kag" }, { "vulnerability": "VCID-7dwd-t56z-nyga" }, { "vulnerability": "VCID-9b24-nsw7-yyfx" }, { "vulnerability": "VCID-ands-9hzf-1qgk" }, { "vulnerability": "VCID-eav9-k1cf-8uaq" }, { "vulnerability": "VCID-gagr-4wpm-uye5" }, { "vulnerability": "VCID-hb7c-tfkx-sfec" }, { "vulnerability": "VCID-j6nz-htn7-ubbr" }, { "vulnerability": "VCID-j9z8-5zpv-8bhy" }, { "vulnerability": "VCID-jpam-uapv-tfch" }, { "vulnerability": "VCID-jsar-ckqj-67ew" }, { "vulnerability": "VCID-jt92-wb33-k3bs" }, { "vulnerability": "VCID-k22n-2xpj-augm" }, { "vulnerability": "VCID-mym5-f9ns-t3cn" }, { "vulnerability": "VCID-prza-8x9q-nfhc" }, { "vulnerability": "VCID-qb3m-qxb4-vydk" }, { "vulnerability": "VCID-rp28-xxta-67gr" }, { "vulnerability": "VCID-skq8-j6yq-1bgq" }, { "vulnerability": "VCID-t42f-1uff-buer" }, { "vulnerability": "VCID-t6qx-k3n7-a7en" }, { "vulnerability": "VCID-t7b6-9vnd-6be1" }, { "vulnerability": "VCID-tkuc-9da4-vqdk" }, { "vulnerability": "VCID-tn8p-wsmb-93h7" }, { "vulnerability": "VCID-tr2q-ye8m-8ke7" }, { "vulnerability": "VCID-trqz-42v7-3ues" }, { "vulnerability": "VCID-tu9y-6vmr-k3ft" }, { "vulnerability": "VCID-uaur-z1tw-v7gk" }, { "vulnerability": "VCID-ut7m-y9d5-y7h1" }, { "vulnerability": "VCID-w2fp-p4vj-q3ar" }, { "vulnerability": "VCID-wfkg-16pe-wba2" }, { "vulnerability": "VCID-wuvg-4ef2-xbdu" }, { "vulnerability": "VCID-xjxt-uybu-27dt" }, { "vulnerability": "VCID-zncv-7rwk-nket" }, { "vulnerability": "VCID-zxe5-nrnq-e7fz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.7.0-oracle@1:1.7.0.13-1jpp.3%3Farch=el6_3" } ], "references": [ { "reference_url": "http://blogs.computerworld.com/malware-and-vulnerabilities/21693/yet-another-java-security-flaw-discovered-number-53", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blogs.computerworld.com/malware-and-vulnerabilities/21693/yet-another-java-security-flaw-discovered-number-53" }, { "reference_url": "http://marc.info/?l=bugtraq&m=136439120408139&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=136439120408139&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=136733161405818&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=136733161405818&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1489.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1489.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1489", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17322", "scoring_system": "epss", "scoring_elements": "0.9506", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.17322", "scoring_system": "epss", "scoring_elements": "0.95056", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.17322", "scoring_system": "epss", "scoring_elements": "0.95059", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.17322", "scoring_system": "epss", "scoring_elements": "0.95061", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.21859", "scoring_system": "epss", "scoring_elements": "0.95752", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.21859", "scoring_system": "epss", "scoring_elements": "0.95723", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.21859", "scoring_system": "epss", "scoring_elements": "0.95759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.21859", "scoring_system": "epss", "scoring_elements": "0.95758", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.21859", "scoring_system": "epss", "scoring_elements": "0.95755", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21859", "scoring_system": "epss", "scoring_elements": "0.95733", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.21859", "scoring_system": "epss", "scoring_elements": "0.9574", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.21859", "scoring_system": "epss", "scoring_elements": "0.95743", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1489" }, { "reference_url": "http://seclists.org/fulldisclosure/2013/Jan/241", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2013/Jan/241" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15906" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19171", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19171" }, { "reference_url": "http://thenextweb.com/insider/2013/01/28/new-vulnerability-bypasses-oracles-attempt-to-stop-malware-drive-by-downloads-via-java-applets/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thenextweb.com/insider/2013/01/28/new-vulnerability-bypasses-oracles-attempt-to-stop-malware-drive-by-downloads-via-java-applets/" }, { "reference_url": "http://www.informationweek.com/security/application-security/java-security-work-remains-bug-hunter-sa/240147150", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.informationweek.com/security/application-security/java-security-work-remains-bug-hunter-sa/240147150" }, { "reference_url": "http://www.kb.cert.org/vuls/id/858729", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/858729" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html" }, { "reference_url": "http://www.scmagazine.com.au/News/330453%2Cjava-still-unsafe-new-flaws-discovered.aspx", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.scmagazine.com.au/News/330453%2Cjava-still-unsafe-new-flaws-discovered.aspx" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html" }, { "reference_url": "http://www.zdnet.com/java-update-doesnt-prevent-silent-exploits-at-all-7000010422/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.zdnet.com/java-update-doesnt-prevent-silent-exploits-at-all-7000010422/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=906449", "reference_id": "906449", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=906449" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:windows:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:windows:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:windows:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:windows:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:windows:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:windows:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:windows:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:windows:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:windows:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:windows:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:windows:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:windows:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1489", "reference_id": "CVE-2013-1489", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0237", "reference_id": "RHSA-2013:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0237" } ], "weaknesses": [], "exploits": [], "severity_range_score": "10.0 - 10.0", "exploitability": "0.5", "weighted_severity": "9.0", "risk_score": 4.5, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wuvg-4ef2-xbdu" }