Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/182501?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/182501?format=api", "purl": "pkg:rpm/redhat/rubygem-rack-accept@0.4.3-6?arch=el6_0", "type": "rpm", "namespace": "redhat", "name": "rubygem-rack-accept", "version": "0.4.3-6", "qualifiers": { "arch": "el6_0" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/115150?format=api", "vulnerability_id": "VCID-1vr8-za4z-kuaq", "summary": "cumin: allows for editing internal Condor job attributes", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3459.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3459.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3459", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62431", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3459" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=846501", "reference_id": "846501", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=846501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1278", "reference_id": "RHSA-2012:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1281", "reference_id": "RHSA-2012:1281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1281" } ], "fixed_packages": [], "aliases": [ "CVE-2012-3459" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1vr8-za4z-kuaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/115145?format=api", "vulnerability_id": "VCID-7s1g-wm88-2kej", "summary": "cumin: multiple XSS flaws", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2683.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2683.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2683", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64811", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2683" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=830243", "reference_id": "830243", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=830243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1278", "reference_id": "RHSA-2012:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1281", "reference_id": "RHSA-2012:1281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1281" } ], "fixed_packages": [], "aliases": [ "CVE-2012-2683" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7s1g-wm88-2kej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65271?format=api", "vulnerability_id": "VCID-93xk-hds8-abde", "summary": "The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3493.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3493.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00765", "scoring_system": "epss", "scoring_elements": "0.73801", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3493" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688210", "reference_id": "688210", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688210" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222", "reference_id": "848222", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1278", "reference_id": "RHSA-2012:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1281", "reference_id": "RHSA-2012:1281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1281" } ], "fixed_packages": [], "aliases": [ "CVE-2012-3493" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-93xk-hds8-abde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/115149?format=api", "vulnerability_id": "VCID-9apv-cwbq-nbfb", "summary": "cumin: session fixation flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2735.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2735.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2735", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60343", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2735" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=832151", "reference_id": "832151", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=832151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1278", "reference_id": "RHSA-2012:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1281", "reference_id": "RHSA-2012:1281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1281" } ], "fixed_packages": [], "aliases": [ "CVE-2012-2735" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9apv-cwbq-nbfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65269?format=api", "vulnerability_id": "VCID-bcj2-fcpf-zkgm", "summary": "src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3491.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3491.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3491", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0112", "scoring_system": "epss", "scoring_elements": "0.78574", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3491" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688210", "reference_id": "688210", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688210" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214", "reference_id": "848214", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1278", "reference_id": "RHSA-2012:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1281", "reference_id": "RHSA-2012:1281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1281" } ], "fixed_packages": [], "aliases": [ "CVE-2012-3491" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bcj2-fcpf-zkgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/115147?format=api", "vulnerability_id": "VCID-bzkz-63wq-xkcz", "summary": "cumin: DoS via large image requests", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2685.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2685.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2685", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01178", "scoring_system": "epss", "scoring_elements": "0.7908", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2685" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=830248", "reference_id": "830248", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=830248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1278", "reference_id": "RHSA-2012:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1281", "reference_id": "RHSA-2012:1281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1281" } ], "fixed_packages": [], "aliases": [ "CVE-2012-2685" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bzkz-63wq-xkcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/115146?format=api", "vulnerability_id": "VCID-d6sb-hzzh-wugp", "summary": "cumin: SQL injection flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2684.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2684.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2684", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.70013", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2684" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=830245", "reference_id": "830245", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=830245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1278", "reference_id": "RHSA-2012:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1281", "reference_id": "RHSA-2012:1281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1281" } ], "fixed_packages": [], "aliases": [ "CVE-2012-2684" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d6sb-hzzh-wugp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/115143?format=api", "vulnerability_id": "VCID-grtg-qzdu-yua1", "summary": "cumin: weak session keys", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2681.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2681.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2681", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00651", "scoring_system": "epss", "scoring_elements": "0.71245", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2681" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=827558", "reference_id": "827558", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=827558" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1278", "reference_id": "RHSA-2012:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1281", "reference_id": "RHSA-2012:1281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1281" } ], "fixed_packages": [], "aliases": [ "CVE-2012-2681" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-grtg-qzdu-yua1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65270?format=api", "vulnerability_id": "VCID-gxrq-4kmm-uufh", "summary": "The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3492.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00698", "scoring_system": "epss", "scoring_elements": "0.72338", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3492" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688210", "reference_id": "688210", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688210" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=848218", "reference_id": "848218", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848218" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1278", "reference_id": "RHSA-2012:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1281", "reference_id": "RHSA-2012:1281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1281" } ], "fixed_packages": [], "aliases": [ "CVE-2012-3492" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gxrq-4kmm-uufh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/115144?format=api", "vulnerability_id": "VCID-kdbk-88tu-bkap", "summary": "cumin: authentication bypass flaws", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2680.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2680.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2680", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.006", "scoring_system": "epss", "scoring_elements": "0.69823", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2680" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=829421", "reference_id": "829421", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=829421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1278", "reference_id": "RHSA-2012:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1281", "reference_id": "RHSA-2012:1281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1281" } ], "fixed_packages": [], "aliases": [ "CVE-2012-2680" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kdbk-88tu-bkap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/115148?format=api", "vulnerability_id": "VCID-n46g-cz2r-7yay", "summary": "cumin: CSRF flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2734.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2734.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2734", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41359", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2734" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=832124", "reference_id": "832124", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=832124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1278", "reference_id": "RHSA-2012:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1281", "reference_id": "RHSA-2012:1281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1281" } ], "fixed_packages": [], "aliases": [ "CVE-2012-2734" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n46g-cz2r-7yay" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-rack-accept@0.4.3-6%3Farch=el6_0" }