Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/174091?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/174091?format=api", "purl": "pkg:deb/debian/exiv2@0.17-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "exiv2", "version": "0.17-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "0.24-4.1", "latest_non_vulnerable_version": "0.28.8+dfsg-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7031?format=api", "vulnerability_id": "VCID-pfrj-s55f-7ubw", "summary": "Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to \"pretty printing\" and the RationalValue::toLong function.", "references": [ { "reference_url": "http://bugzilla.gnome.org/show_bug.cgi?id=524715", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugzilla.gnome.org/show_bug.cgi?id=524715" }, { "reference_url": "http://dev.robotbattle.com/bugs/view.php?id=0000546", "reference_id": "", "reference_type": "", "scores": [], "url": "http://dev.robotbattle.com/bugs/view.php?id=0000546" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2696", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.83044", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2696" }, { "reference_url": "http://secunia.com/advisories/30519", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30519" }, { "reference_url": "http://secunia.com/advisories/32273", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32273" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42885" }, { "reference_url": "http://www.exiv2.org/changelog.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.exiv2.org/changelog.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:119", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:119" }, { "reference_url": "http://www.securityfocus.com/bid/29586", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/29586" }, { "reference_url": "http://www.ubuntu.com/usn/usn-655-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-655-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/1766/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/1766/references" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486328", "reference_id": "486328", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486328" }, { "reference_url": "https://usn.ubuntu.com/655-1/", "reference_id": "USN-655-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/655-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/174091?format=api", "purl": "pkg:deb/debian/exiv2@0.17-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.17-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/174087?format=api", "purl": "pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5m46-2feu-yuh1" }, { "vulnerability": "VCID-9nxb-v8b8-bkcf" }, { "vulnerability": "VCID-bpyz-ymzy-zufs" }, { "vulnerability": "VCID-cs4q-3rwr-vke4" }, { "vulnerability": "VCID-jtxa-kc5c-z7cr" }, { "vulnerability": "VCID-p48j-jh17-7fa9" }, { "vulnerability": "VCID-pxbv-ypp8-wkfs" }, { "vulnerability": "VCID-yyhh-t98b-cyen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/174085?format=api", "purl": "pkg:deb/debian/exiv2@0.27.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5m46-2feu-yuh1" }, { "vulnerability": "VCID-9nxb-v8b8-bkcf" }, { "vulnerability": "VCID-bpyz-ymzy-zufs" }, { "vulnerability": "VCID-cs4q-3rwr-vke4" }, { "vulnerability": "VCID-jtxa-kc5c-z7cr" }, { "vulnerability": "VCID-p48j-jh17-7fa9" }, { "vulnerability": "VCID-yyhh-t98b-cyen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/174089?format=api", "purl": "pkg:deb/debian/exiv2@0.28.5%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9nxb-v8b8-bkcf" }, { "vulnerability": "VCID-bpyz-ymzy-zufs" }, { "vulnerability": "VCID-cs4q-3rwr-vke4" }, { "vulnerability": "VCID-p48j-jh17-7fa9" }, { "vulnerability": "VCID-yyhh-t98b-cyen" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.28.5%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/174088?format=api", "purl": "pkg:deb/debian/exiv2@0.28.8%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.28.8%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-2696", "PYSEC-2008-11" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pfrj-s55f-7ubw" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.17-1%3Fdistro=trixie" }