Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/164630?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/164630?format=api", "purl": "pkg:rpm/redhat/rubygem-fastercsv@1.5.4-10?arch=el6sat", "type": "rpm", "namespace": "redhat", "name": "rubygem-fastercsv", "version": "1.5.4-10", "qualifiers": { "arch": "el6sat" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113765?format=api", "vulnerability_id": "VCID-2nna-s9bv-sycc", "summary": "foreman: lack of SSL certificate validation when performing LDAPS authentication", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1816.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1816.json" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208602", "reference_id": "1208602", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208602" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1816" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2nna-s9bv-sycc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114060?format=api", "vulnerability_id": "VCID-bumt-76s4-47da", "summary": "foreman: cross-site scripting (XSS) flaw in template preview screen", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3653.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3653.json" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1145398", "reference_id": "1145398", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1145398" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3653" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bumt-76s4-47da" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113555?format=api", "vulnerability_id": "VCID-m7u7-uh4a-8yhe", "summary": "foreman: edit_users permission allows changing of admin passwords", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3235.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3235.json" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1232366", "reference_id": "1232366", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1232366" } ], "fixed_packages": [], "aliases": [ "CVE-2015-3235" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m7u7-uh4a-8yhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113707?format=api", "vulnerability_id": "VCID-qjt7-u7kg-4kb9", "summary": "foreman: API not scoping resources to taxonomies", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1844.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1844.json" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207589", "reference_id": "1207589", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207589" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1844" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjt7-u7kg-4kb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113626?format=api", "vulnerability_id": "VCID-r6rk-smsu-m7d5", "summary": "foreman: the _session_id cookie is issued without the Secure flag", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3155.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3155.json" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216035", "reference_id": "1216035", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216035" } ], "fixed_packages": [], "aliases": [ "CVE-2015-3155" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r6rk-smsu-m7d5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114111?format=api", "vulnerability_id": "VCID-u4r1-a2p1-q7cm", "summary": "rhn_satellite_6: cross-site request forgery (CSRF) can force logout", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3590.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3590.json" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1128108", "reference_id": "1128108", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1128108" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3590" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u4r1-a2p1-q7cm" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-fastercsv@1.5.4-10%3Farch=el6sat" }