Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/190831?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/190831?format=api", "purl": "pkg:apk/alpine/recutils@1.9-r0?arch=x86_64&distroversion=v3.20&reponame=community", "type": "apk", "namespace": "alpine", "name": "recutils", "version": "1.9-r0", "qualifiers": { "arch": "x86_64", "distroversion": "v3.20", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/208965?format=api", "vulnerability_id": "VCID-k2k9-5ttk-gygx", "summary": "An Use-After-Free vulnerability in rec_mset_elem_destroy() at rec-mset.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-46022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.3866", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38682", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38672", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45475", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-46022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46022" }, { "reference_url": "https://usn.ubuntu.com/7137-1/", "reference_id": "USN-7137-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7137-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190831?format=api", "purl": "pkg:apk/alpine/recutils@1.9-r0?arch=x86_64&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/recutils@1.9-r0%3Farch=x86_64&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2021-46022" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k2k9-5ttk-gygx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/208962?format=api", "vulnerability_id": "VCID-zufq-nh9v-g7at", "summary": "An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-46019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39736", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.3976", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.3975", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46815", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-46019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46019" }, { "reference_url": "https://usn.ubuntu.com/7137-1/", "reference_id": "USN-7137-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7137-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190831?format=api", "purl": "pkg:apk/alpine/recutils@1.9-r0?arch=x86_64&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/recutils@1.9-r0%3Farch=x86_64&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2021-46019" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zufq-nh9v-g7at" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/recutils@1.9-r0%3Farch=x86_64&distroversion=v3.20&reponame=community" }