Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/17763?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/17763?format=api", "purl": "pkg:pypi/freewvs@0.1.1", "type": "pypi", "namespace": "", "name": "freewvs", "version": "0.1.1", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35586?format=api", "vulnerability_id": "VCID-3jaf-sdvt-dydn", "summary": "In freewvs before 0.1.1, a user could create a large file that freewvs will try to read, which will terminate a scan process. This has been patched in 0.1.1.", "references": [ { "reference_url": "https://github.com/schokokeksorg/freewvs/commit/18bbf2043e53f69e0119d24f8ae4edb274afb9b2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/schokokeksorg/freewvs/commit/18bbf2043e53f69e0119d24f8ae4edb274afb9b2" }, { "reference_url": "https://github.com/schokokeksorg/freewvs/security/advisories/GHSA-9cfv-9463-8gqv", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/schokokeksorg/freewvs/security/advisories/GHSA-9cfv-9463-8gqv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17763?format=api", "purl": "pkg:pypi/freewvs@0.1.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/freewvs@0.1.1" } ], "aliases": [ "CVE-2020-15100", "GHSA-9cfv-9463-8gqv", "PYSEC-2020-232" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3jaf-sdvt-dydn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35587?format=api", "vulnerability_id": "VCID-u9wf-wtur-rkcr", "summary": "In freewvs before 0.1.1, a directory structure of more than 1000 nested directories can interrupt a freewvs scan due to Python's recursion limit and os.walk(). This can be problematic in a case where an administrator scans the dirs of potentially untrusted users. This has been patched in 0.1.1.", "references": [ { "reference_url": "https://github.com/schokokeksorg/freewvs/commit/83a6b55c0435c69f447488b791555e6078803143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/schokokeksorg/freewvs/commit/83a6b55c0435c69f447488b791555e6078803143" }, { "reference_url": "https://github.com/schokokeksorg/freewvs/security/advisories/GHSA-7pmh-vrww-25xx", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/schokokeksorg/freewvs/security/advisories/GHSA-7pmh-vrww-25xx" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17763?format=api", "purl": "pkg:pypi/freewvs@0.1.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/freewvs@0.1.1" } ], "aliases": [ "CVE-2020-15101", "GHSA-7pmh-vrww-25xx", "PYSEC-2020-233" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u9wf-wtur-rkcr" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/freewvs@0.1.1" }