Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/20014?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/20014?format=api", "purl": "pkg:nuget/libxml2@1.5.0", "type": "nuget", "namespace": "", "name": "libxml2", "version": "1.5.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6708?format=api", "vulnerability_id": "VCID-ttud-e3xr-dudd", "summary": "Integer Overflow\nInteger overflow in xpath.c in libxml2, and libxml, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1944.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1944.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1944", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.9596", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.95967", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.95974", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.95979", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.95988", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.9599", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.95993", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.95996", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.96005", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.96011", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.96012", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1944" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628537", "reference_id": "628537", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628537" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=709747", "reference_id": "709747", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=709747" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1944", "reference_id": "CVE-2011-1944", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1944" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35810.txt", "reference_id": "CVE-2011-1944;OSVDB-73248", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35810.txt" }, { "reference_url": "https://www.securityfocus.com/bid/48056/info", "reference_id": "CVE-2011-1944;OSVDB-73248", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/48056/info" }, { "reference_url": "https://security.gentoo.org/glsa/201110-26", "reference_id": "GLSA-201110-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1749", "reference_id": "RHSA-2011:1749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0017", "reference_id": "RHSA-2012:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217", "reference_id": "RHSA-2013:0217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0217" }, { "reference_url": "https://usn.ubuntu.com/1153-1/", "reference_id": "USN-1153-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1153-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/19994?format=api", "purl": "pkg:nuget/libxml2@2.7.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b828-btkm-tufv" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gc1r-nauj-1fge" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wksj-tx4y-cye7" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@2.7.8.2" } ], "aliases": [ "CVE-2011-1944" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ttud-e3xr-dudd" } ], "fixing_vulnerabilities": [], "risk_score": "0.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@1.5.0" }