VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/1256?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/1256?format=api",
    "purl": "pkg:mozilla/Firefox@36.0.3",
    "type": "mozilla",
    "namespace": "",
    "name": "Firefox",
    "version": "36.0.3",
    "qualifiers": {},
    "subpath": "",
    "is_vulnerable": false,
    "next_non_vulnerable_version": "36.0.4",
    "latest_non_vulnerable_version": "151.0.0",
    "affected_by_vulnerabilities": [],
    "fixing_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3047?format=api",
            "vulnerability_id": "VCID-q89v-v5au-w7a1",
            "summary": "Security researcher ilxu1a reported, through HP Zero Day\nInitiative's Pwn2Own contest, a flaw in Mozilla's implementation of typed array\nbounds checking in JavaScript just-in-time compilation (JIT) and its management\nof bounds checking for heap access. This flaw can be leveraged into the reading\nand writing of memory allowing for arbitrary code execution on the local system.",
            "references": [
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817",
                    "reference_id": "CVE-2015-0817",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817"
                },
                {
                    "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-29",
                    "reference_id": "mfsa2015-29",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "critical",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-29"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/1256?format=api",
                    "purl": "pkg:mozilla/Firefox@36.0.3",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@36.0.3"
                }
            ],
            "aliases": [
                "CVE-2015-0817"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q89v-v5au-w7a1"
        }
    ],
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@36.0.3"
}

Package Instance