Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/87540?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87540?format=api", "vulnerability_id": "VCID-mbz2-9g8q-u7e5", "summary": "kernel: buffer overflow in OSS load_mixer_volumes", "aliases": [ { "alias": "CVE-2010-4527" } ], "fixed_packages": [], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/127402?format=api", "purl": "pkg:rpm/redhat/kernel@2.6.9-100?arch=EL", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-mbz2-9g8q-u7e5" }, { "vulnerability": "VCID-uxye-sz24-dqd4" }, { "vulnerability": "VCID-xr4s-smmp-fubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.9-100%3Farch=EL" } ], "references": [ { "reference_url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d81a12bc29ae4038770e05dce4ab7f26fd5880fb", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d81a12bc29ae4038770e05dce4ab7f26fd5880fb" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2010/12/31/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2010/12/31/1" }, { "reference_url": "http://openwall.com/lists/oss-security/2010/12/31/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2010/12/31/4" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4527.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4527.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4527", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15273", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15411", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15451", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15521", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15321", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15409", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15421", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15381", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15316", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15233", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15238", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.1529", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.1533", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15328", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4527" }, { "reference_url": "http://secunia.com/advisories/42765", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42765" }, { "reference_url": "http://secunia.com/advisories/43291", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43291" }, { "reference_url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37" }, { "reference_url": "http://www.securityfocus.com/bid/45629", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/45629" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0375", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0375" }, { "reference_url": "http://xorl.wordpress.com/2011/01/09/cve-2010-4527-linux-kernel-oss-sound-card-driver-buffer-overflow/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xorl.wordpress.com/2011/01/09/cve-2010-4527-linux-kernel-oss-sound-card-driver-buffer-overflow/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=667615", "reference_id": "667615", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667615" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4527", "reference_id": "CVE-2010-4527", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0263", "reference_id": "RHSA-2011:0263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0263" }, { "reference_url": "https://usn.ubuntu.com/1080-1/", "reference_id": "USN-1080-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1080-1/" }, { "reference_url": "https://usn.ubuntu.com/1080-2/", "reference_id": "USN-1080-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1080-2/" }, { "reference_url": "https://usn.ubuntu.com/1081-1/", "reference_id": "USN-1081-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1081-1/" }, { "reference_url": "https://usn.ubuntu.com/1093-1/", "reference_id": "USN-1093-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1093-1/" }, { "reference_url": "https://usn.ubuntu.com/1111-1/", "reference_id": "USN-1111-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1111-1/" }, { "reference_url": "https://usn.ubuntu.com/1119-1/", "reference_id": "USN-1119-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1119-1/" }, { "reference_url": "https://usn.ubuntu.com/1133-1/", "reference_id": "USN-1133-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1133-1/" }, { "reference_url": "https://usn.ubuntu.com/1164-1/", "reference_id": "USN-1164-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1164-1/" }, { "reference_url": "https://usn.ubuntu.com/1187-1/", "reference_id": "USN-1187-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1187-1/" } ], "weaknesses": [ { "cwe_id": 120, "name": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "description": "The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow." } ], "exploits": [], "severity_range_score": "6.9 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mbz2-9g8q-u7e5" }