Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/175643?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/175643?format=api", "purl": "pkg:rpm/redhat/ruby193-rubygem-ruby-prof@0.13.0-1?arch=el6cf", "type": "rpm", "namespace": "redhat", "name": "ruby193-rubygem-ruby-prof", "version": "0.13.0-1", "qualifiers": { "arch": "el6cf" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114047?format=api", "vulnerability_id": "VCID-66k3-q3b9-5yc5", "summary": "CFME: dangerous send method in performance.rb", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3642.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3642.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3642", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00534", "scoring_system": "epss", "scoring_elements": "0.67739", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3642" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1092894", "reference_id": "1092894", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1092894" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1317", "reference_id": "RHSA-2014:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1317" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3642" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66k3-q3b9-5yc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114492?format=api", "vulnerability_id": "VCID-cm7h-jhnn-xbap", "summary": "2: miq_policy/explorer SQL injection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2050.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2050.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.54161", "scoring_system": "epss", "scoring_elements": "0.98062", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2050" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=959062", "reference_id": "959062", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=959062" } ], "fixed_packages": [], "aliases": [ "CVE-2013-2050" ], "risk_score": 1.0, "exploitability": "2.0", "weighted_severity": "0.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cm7h-jhnn-xbap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114588?format=api", "vulnerability_id": "VCID-ega3-9wzs-muee", "summary": "interface: Ruby code injection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4172.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4172.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4172", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00558", "scoring_system": "epss", "scoring_elements": "0.68573", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4172" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=988644", "reference_id": "988644", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=988644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1157", "reference_id": "RHSA-2013:1157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1157" } ], "fixed_packages": [], "aliases": [ "CVE-2013-4172" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ega3-9wzs-muee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58336?format=api", "vulnerability_id": "VCID-faaq-hgah-37av", "summary": "Random numbers generated by contrib/pgcrypto functions may be easy for another database user to guessmore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1900.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1900.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1900", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00566", "scoring_system": "epss", "scoring_elements": "0.68821", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2013-1900/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/support/security/CVE-2013-1900/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=929255", "reference_id": "929255", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=929255" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1475", "reference_id": "RHSA-2013:1475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1475" } ], "fixed_packages": [], "aliases": [ "CVE-2013-1900" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-faaq-hgah-37av" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114491?format=api", "vulnerability_id": "VCID-kbua-zg8d-1bdy", "summary": "2: static secret_token.rb value", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2049.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2049.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2049", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0016", "scoring_system": "epss", "scoring_elements": "0.36585", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2049" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=959041", "reference_id": "959041", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=959041" } ], "fixed_packages": [], "aliases": [ "CVE-2013-2049" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kbua-zg8d-1bdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58337?format=api", "vulnerability_id": "VCID-swkw-zcep-subw", "summary": "A connection request containing a database name that begins with \"-\" may be crafted to damage or destroy files within a server's data directorymore details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1899.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1899.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1899", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.81124", "scoring_system": "epss", "scoring_elements": "0.9918", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2013-1899/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/support/security/CVE-2013-1899/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=929223", "reference_id": "929223", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=929223" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" } ], "fixed_packages": [], "aliases": [ "CVE-2013-1899" ], "risk_score": 1.4, "exploitability": "2.0", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-swkw-zcep-subw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58335?format=api", "vulnerability_id": "VCID-t2tu-jx5e-5uhx", "summary": "An unprivileged user can run commands that could interfere with in-progress backups.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1901.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1901.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1901", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44015", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2013-1901/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/support/security/CVE-2013-1901/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=929328", "reference_id": "929328", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=929328" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" } ], "fixed_packages": [], "aliases": [ "CVE-2013-1901" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t2tu-jx5e-5uhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114046?format=api", "vulnerability_id": "VCID-vb9g-cbjt-kybe", "summary": "CFME: default routes expose controllers and actions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0140.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0140.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47724", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0140" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077359", "reference_id": "1077359", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1317", "reference_id": "RHSA-2014:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1317" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0140" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vb9g-cbjt-kybe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114489?format=api", "vulnerability_id": "VCID-vf3m-pymd-zbam", "summary": "CloudForms: user password stored in recoverable format", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4423.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4423.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4423", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27971", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4423" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018345", "reference_id": "1018345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018345" } ], "fixed_packages": [], "aliases": [ "CVE-2013-4423" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vf3m-pymd-zbam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114490?format=api", "vulnerability_id": "VCID-vmfv-kch1-uyh6", "summary": "EVM: CSRF", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0185.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0185.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0185", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27011", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0185" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=895345", "reference_id": "895345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=895345" } ], "fixed_packages": [], "aliases": [ "CVE-2013-0185" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vmfv-kch1-uyh6" } ], "fixing_vulnerabilities": [], "risk_score": "1.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby193-rubygem-ruby-prof@0.13.0-1%3Farch=el6cf" }