Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/86914?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86914?format=api", "vulnerability_id": "VCID-xsph-7dte-uuez", "summary": "mongodb: memory over-read via incorrect BSON object length", "aliases": [ { "alias": "CVE-2012-6619" } ], "fixed_packages": [], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/122632?format=api", "purl": "pkg:rpm/redhat/condor@7.8.10-0.1?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-vr7h-h2ha-ckc6" }, { "vulnerability": "VCID-xsph-7dte-uuez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/condor@7.8.10-0.1%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/122630?format=api", "purl": "pkg:rpm/redhat/cumin@0.1.5797-1?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-vr7h-h2ha-ckc6" }, { "vulnerability": "VCID-xsph-7dte-uuez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cumin@0.1.5797-1%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/122634?format=api", "purl": "pkg:rpm/redhat/mongodb@1.6.4-7?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-vr7h-h2ha-ckc6" }, { "vulnerability": "VCID-xsph-7dte-uuez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mongodb@1.6.4-7%3Farch=el6" }, { "url": "http://public2.vulnerablecode.io/api/packages/125662?format=api", "purl": "pkg:rpm/redhat/mongodb@2.2.4-4?arch=el6ost", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xsph-7dte-uuez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mongodb@2.2.4-4%3Farch=el6ost" }, { "url": "http://public2.vulnerablecode.io/api/packages/117515?format=api", "purl": "pkg:rpm/redhat/mongodb@2.4.9-3?arch=el7sat", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1yu9-avtx-cybv" }, { "vulnerability": "VCID-7f1h-1fw8-k7c4" }, { "vulnerability": "VCID-8wen-twwa-8khm" }, { "vulnerability": "VCID-jau7-gfz8-dkfa" }, { "vulnerability": "VCID-rc65-py17-kuhm" }, { "vulnerability": "VCID-sqjb-qpyd-p7gn" }, { "vulnerability": "VCID-tbug-mv5x-uucb" }, { "vulnerability": "VCID-xsph-7dte-uuez" }, { "vulnerability": "VCID-zkgb-14kz-33dz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mongodb@2.4.9-3%3Farch=el7sat" }, { "url": "http://public2.vulnerablecode.io/api/packages/122631?format=api", "purl": "pkg:rpm/redhat/mrg-release@2.5.0-1?arch=el6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-vr7h-h2ha-ckc6" }, { "vulnerability": "VCID-xsph-7dte-uuez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mrg-release@2.5.0-1%3Farch=el6" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6619.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6619.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6619", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79406", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79413", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79435", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79423", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.7945", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79481", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79464", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79453", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79484", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79482", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79485", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79517", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79523", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79539", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79553", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79575", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01265", "scoring_system": "epss", "scoring_elements": "0.79593", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6619" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049748", "reference_id": "1049748", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0230", "reference_id": "RHSA-2014:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0440", "reference_id": "RHSA-2014:0440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0440" } ], "weaknesses": [ { "cwe_id": 125, "name": "Out-of-bounds Read", "description": "The product reads data past the end, or before the beginning, of the intended buffer." }, { "cwe_id": 200, "name": "Exposure of Sensitive Information to an Unauthorized Actor", "description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information." } ], "exploits": [], "severity_range_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xsph-7dte-uuez" }