Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/175118?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/175118?format=api", "purl": "pkg:rpm/redhat/rubygem-sexp_processor@3.0.4-2?arch=el6op", "type": "rpm", "namespace": "redhat", "name": "rubygem-sexp_processor", "version": "3.0.4-2", "qualifiers": { "arch": "el6op" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114083?format=api", "vulnerability_id": "VCID-8du4-pguk-xufz", "summary": "OpenShift: /proc/net/tcp information disclosure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3602.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3602.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15532", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3602" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131680", "reference_id": "1131680", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1796", "reference_id": "RHSA-2014:1796", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1906", "reference_id": "RHSA-2014:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1906" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3602" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8du4-pguk-xufz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114241?format=api", "vulnerability_id": "VCID-dmps-nju4-syb1", "summary": "openshift-origin-broker: default password creation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0234.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0234.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0234", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92673", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0234" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097008", "reference_id": "1097008", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097008" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0234" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dmps-nju4-syb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112086?format=api", "vulnerability_id": "VCID-hx86-64zz-8bds", "summary": "Jenkins Cross-Site Request Forgery vulnerabilities\nMultiple cross-site request forgery (CSRF) vulnerabilities in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary code or (2) initiate deployment of binaries to a Maven repository via unspecified vectors.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHEA-2013:1032", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHEA-2013:1032" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2034.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2034.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-2034", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2013-2034" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56322", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2034" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=958958", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=958958" }, { "reference_url": "https://issues.jenkins-ci.org/browse/SECURITY-63", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.jenkins-ci.org/browse/SECURITY-63" }, { "reference_url": "https://issues.jenkins-ci.org/browse/SECURITY-69", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.jenkins-ci.org/browse/SECURITY-69" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2034", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2034" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02" }, { "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb" } ], "fixed_packages": [], "aliases": [ "CVE-2013-2034", "GHSA-fg4r-f9j2-36mw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hx86-64zz-8bds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65846?format=api", "vulnerability_id": "VCID-hxhy-qrkz-fkf5", "summary": "Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this is might be the same vulnerability as CVE-2013-1463. If so, it is likely that CVE-2013-1463 will be REJECTed.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1808.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1808.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1808", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.83388", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1808" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=918054", "reference_id": "918054", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=918054" } ], "fixed_packages": [], "aliases": [ "CVE-2013-1808" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hxhy-qrkz-fkf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92837?format=api", "vulnerability_id": "VCID-nfkr-vhvf-j3hz", "summary": "mcollective has a default password set at install", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0175.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0175.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0175", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65521", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0175" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086381", "reference_id": "1086381", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086381" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0175" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nfkr-vhvf-j3hz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114002?format=api", "vulnerability_id": "VCID-ww5y-dfs2-ubef", "summary": "Enterprise: gears fail to properly isolate network traffic", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3674.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3674.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3674", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.61032", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3674" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1148170", "reference_id": "1148170", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1148170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1796", "reference_id": "RHSA-2014:1796", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1906", "reference_id": "RHSA-2014:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1906" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3674" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ww5y-dfs2-ubef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51286?format=api", "vulnerability_id": "VCID-x2kn-aegv-9ya6", "summary": "openshift-origin-node Improper Input Validation vulnerability\nRuby gem openshift-origin-node before 2014-02-14 does not\ncontain a cronjob timeout which could result in a denial of\nservice in cron.daily and cron.weekly.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:0487", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:0487" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0084.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0084.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-0084", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-0084" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0084", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.30781", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0084" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065198", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065198" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0084", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0084" }, { "reference_url": "https://github.com/openshift/origin-server", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openshift/origin-server" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/openshift-origin-node/CVE-2014-0084.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/openshift-origin-node/CVE-2014-0084.yml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0084", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0084" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0084", "GHSA-756m-3qf2-hp58" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x2kn-aegv-9ya6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43860?format=api", "vulnerability_id": "VCID-z5ed-ujrf-2ka2", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCVE-2013-2033 Jenkins: Build Description XSS", "references": [ { "reference_url": "https://access.redhat.com/errata/RHEA-2013:1032", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHEA-2013:1032" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2033.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2033.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2033", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39046", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2033" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=958957", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=958957" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84004", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84004" }, { "reference_url": "https://issues.jenkins-ci.org/browse/SECURITY-67", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.jenkins-ci.org/browse/SECURITY-67" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02" }, { "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-2033", "reference_id": "CVE-2013-2033", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2013-2033" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2033", "reference_id": "CVE-2013-2033", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2033" }, { "reference_url": "https://github.com/advisories/GHSA-826f-32qm-vm3j", "reference_id": "GHSA-826f-32qm-vm3j", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-826f-32qm-vm3j" } ], "fixed_packages": [], "aliases": [ "CVE-2013-2033", "GHSA-826f-32qm-vm3j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z5ed-ujrf-2ka2" } ], "fixing_vulnerabilities": [], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-sexp_processor@3.0.4-2%3Farch=el6op" }