Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/230641?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/230641?format=api", "purl": "pkg:apk/alpine/exiv2@0.27.3-r1?arch=s390x&distroversion=v3.14&reponame=community", "type": "apk", "namespace": "alpine", "name": "exiv2", "version": "0.27.3-r1", "qualifiers": { "arch": "s390x", "distroversion": "v3.14", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "0.27.3-r2", "latest_non_vulnerable_version": "0.27.5-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6472?format=api", "vulnerability_id": "VCID-6wrk-qf7u-9bah", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29458.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29458.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29458", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26365", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29458" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952607", "reference_id": "1952607", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952607" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987277", "reference_id": "987277", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987277" }, { "reference_url": "https://security.archlinux.org/ASA-202106-54", "reference_id": "ASA-202106-54", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-54" }, { "reference_url": "https://security.archlinux.org/AVG-1772", "reference_id": "AVG-1772", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4173", "reference_id": "RHSA-2021:4173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4173" }, { "reference_url": "https://usn.ubuntu.com/4941-1/", "reference_id": "USN-4941-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4941-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/230641?format=api", "purl": "pkg:apk/alpine/exiv2@0.27.3-r1?arch=s390x&distroversion=v3.14&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exiv2@0.27.3-r1%3Farch=s390x&distroversion=v3.14&reponame=community" } ], "aliases": [ "CVE-2021-29458" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wrk-qf7u-9bah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6465?format=api", "vulnerability_id": "VCID-cqkb-5w3h-afhu", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3482.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3482.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3482", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00824", "scoring_system": "epss", "scoring_elements": "0.74751", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3482" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946314", "reference_id": "1946314", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946314" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986888", "reference_id": "986888", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986888" }, { "reference_url": "https://security.archlinux.org/ASA-202106-54", "reference_id": "ASA-202106-54", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-54" }, { "reference_url": "https://security.archlinux.org/AVG-1772", "reference_id": "AVG-1772", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4173", "reference_id": "RHSA-2021:4173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4173" }, { "reference_url": "https://usn.ubuntu.com/4941-1/", "reference_id": "USN-4941-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4941-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/230641?format=api", "purl": "pkg:apk/alpine/exiv2@0.27.3-r1?arch=s390x&distroversion=v3.14&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exiv2@0.27.3-r1%3Farch=s390x&distroversion=v3.14&reponame=community" } ], "aliases": [ "CVE-2021-3482" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cqkb-5w3h-afhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6473?format=api", "vulnerability_id": "VCID-qeax-4cn4-8ya7", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29457.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29457.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29457", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01509", "scoring_system": "epss", "scoring_elements": "0.81491", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-29457" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952612", "reference_id": "1952612", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952612" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991705", "reference_id": "991705", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991705" }, { "reference_url": "https://security.archlinux.org/ASA-202106-54", "reference_id": "ASA-202106-54", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-54" }, { "reference_url": "https://security.archlinux.org/AVG-1772", "reference_id": "AVG-1772", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4173", "reference_id": "RHSA-2021:4173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4173" }, { "reference_url": "https://usn.ubuntu.com/4941-1/", "reference_id": "USN-4941-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4941-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/230641?format=api", "purl": "pkg:apk/alpine/exiv2@0.27.3-r1?arch=s390x&distroversion=v3.14&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exiv2@0.27.3-r1%3Farch=s390x&distroversion=v3.14&reponame=community" } ], "aliases": [ "CVE-2021-29457" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qeax-4cn4-8ya7" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exiv2@0.27.3-r1%3Farch=s390x&distroversion=v3.14&reponame=community" }