VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/237262?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/237262?format=api",
    "purl": "pkg:apk/alpine/qemu@5.2.0-r0?arch=s390x&distroversion=v3.17&reponame=community",
    "type": "apk",
    "namespace": "alpine",
    "name": "qemu",
    "version": "5.2.0-r0",
    "qualifiers": {
        "arch": "s390x",
        "distroversion": "v3.17",
        "reponame": "community"
    },
    "subpath": "",
    "is_vulnerable": false,
    "next_non_vulnerable_version": "6.0.0-r1",
    "latest_non_vulnerable_version": "7.1.0-r4",
    "affected_by_vulnerabilities": [],
    "fixing_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8488?format=api",
            "vulnerability_id": "VCID-4pub-42ne-9bgp",
            "summary": "",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29443.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29443.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29443",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00076",
                            "scoring_system": "epss",
                            "scoring_elements": "0.22815",
                            "published_at": "2026-06-11T12:55:00Z"
                        },
                        {
                            "value": "0.00076",
                            "scoring_system": "epss",
                            "scoring_elements": "0.23011",
                            "published_at": "2026-06-12T12:55:00Z"
                        },
                        {
                            "value": "0.00076",
                            "scoring_system": "epss",
                            "scoring_elements": "0.23022",
                            "published_at": "2026-06-13T12:55:00Z"
                        },
                        {
                            "value": "0.00076",
                            "scoring_system": "epss",
                            "scoring_elements": "0.22999",
                            "published_at": "2026-06-14T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29443"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29443",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29443"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.9",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917446",
                    "reference_id": "1917446",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917446"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983575",
                    "reference_id": "983575",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983575"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:1762",
                    "reference_id": "RHSA-2021:1762",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:1762"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:2322",
                    "reference_id": "RHSA-2021:2322",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:2322"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:2529",
                    "reference_id": "RHSA-2021:2529",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:2529"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/4725-1/",
                    "reference_id": "USN-4725-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/4725-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/5010-1/",
                    "reference_id": "USN-5010-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/5010-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/8412-1/",
                    "reference_id": "USN-8412-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/8412-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/237262?format=api",
                    "purl": "pkg:apk/alpine/qemu@5.2.0-r0?arch=s390x&distroversion=v3.17&reponame=community",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.2.0-r0%3Farch=s390x&distroversion=v3.17&reponame=community"
                }
            ],
            "aliases": [
                "CVE-2020-29443"
            ],
            "risk_score": 1.8,
            "exploitability": "0.5",
            "weighted_severity": "3.5",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4pub-42ne-9bgp"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8418?format=api",
            "vulnerability_id": "VCID-6d8w-ghss-3kb4",
            "summary": "",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27821.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.7",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27821.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27821",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00036",
                            "scoring_system": "epss",
                            "scoring_elements": "0.11181",
                            "published_at": "2026-06-11T12:55:00Z"
                        },
                        {
                            "value": "0.00036",
                            "scoring_system": "epss",
                            "scoring_elements": "0.11247",
                            "published_at": "2026-06-12T12:55:00Z"
                        },
                        {
                            "value": "0.00036",
                            "scoring_system": "epss",
                            "scoring_elements": "0.11239",
                            "published_at": "2026-06-13T12:55:00Z"
                        },
                        {
                            "value": "0.00036",
                            "scoring_system": "epss",
                            "scoring_elements": "0.11205",
                            "published_at": "2026-06-14T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27821"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27821",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27821"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902651",
                    "reference_id": "1902651",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902651"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977616",
                    "reference_id": "977616",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977616"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:1762",
                    "reference_id": "RHSA-2021:1762",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:1762"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/4725-1/",
                    "reference_id": "USN-4725-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/4725-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/237262?format=api",
                    "purl": "pkg:apk/alpine/qemu@5.2.0-r0?arch=s390x&distroversion=v3.17&reponame=community",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.2.0-r0%3Farch=s390x&distroversion=v3.17&reponame=community"
                }
            ],
            "aliases": [
                "CVE-2020-27821"
            ],
            "risk_score": 2.5,
            "exploitability": "0.5",
            "weighted_severity": "5.1",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6d8w-ghss-3kb4"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8272?format=api",
            "vulnerability_id": "VCID-8teb-y3zt-73bz",
            "summary": "",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25742.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.2",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25742.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25742",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00044",
                            "scoring_system": "epss",
                            "scoring_elements": "0.13811",
                            "published_at": "2026-06-11T12:55:00Z"
                        },
                        {
                            "value": "0.00044",
                            "scoring_system": "epss",
                            "scoring_elements": "0.13928",
                            "published_at": "2026-06-12T12:55:00Z"
                        },
                        {
                            "value": "0.00044",
                            "scoring_system": "epss",
                            "scoring_elements": "0.13926",
                            "published_at": "2026-06-13T12:55:00Z"
                        },
                        {
                            "value": "0.00044",
                            "scoring_system": "epss",
                            "scoring_elements": "0.13896",
                            "published_at": "2026-06-14T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25742"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25742",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25742"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883178",
                    "reference_id": "1883178",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883178"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971390",
                    "reference_id": "971390",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971390"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/237262?format=api",
                    "purl": "pkg:apk/alpine/qemu@5.2.0-r0?arch=s390x&distroversion=v3.17&reponame=community",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.2.0-r0%3Farch=s390x&distroversion=v3.17&reponame=community"
                }
            ],
            "aliases": [
                "CVE-2020-25742"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8teb-y3zt-73bz"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8144?format=api",
            "vulnerability_id": "VCID-d5ju-s4a1-kqad",
            "summary": "",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24352.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.8",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24352.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24352",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00137",
                            "scoring_system": "epss",
                            "scoring_elements": "0.33438",
                            "published_at": "2026-06-11T12:55:00Z"
                        },
                        {
                            "value": "0.00137",
                            "scoring_system": "epss",
                            "scoring_elements": "0.3362",
                            "published_at": "2026-06-12T12:55:00Z"
                        },
                        {
                            "value": "0.00137",
                            "scoring_system": "epss",
                            "scoring_elements": "0.33641",
                            "published_at": "2026-06-13T12:55:00Z"
                        },
                        {
                            "value": "0.00137",
                            "scoring_system": "epss",
                            "scoring_elements": "0.33615",
                            "published_at": "2026-06-14T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24352"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24352",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24352"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847584",
                    "reference_id": "1847584",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847584"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968820",
                    "reference_id": "968820",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968820"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/237262?format=api",
                    "purl": "pkg:apk/alpine/qemu@5.2.0-r0?arch=s390x&distroversion=v3.17&reponame=community",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.2.0-r0%3Farch=s390x&distroversion=v3.17&reponame=community"
                }
            ],
            "aliases": [
                "CVE-2020-24352"
            ],
            "risk_score": 1.2,
            "exploitability": "0.5",
            "weighted_severity": "2.5",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d5ju-s4a1-kqad"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8269?format=api",
            "vulnerability_id": "VCID-qm44-yfaz-7uae",
            "summary": "",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25723.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.2",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25723.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25723",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00036",
                            "scoring_system": "epss",
                            "scoring_elements": "0.11017",
                            "published_at": "2026-06-11T12:55:00Z"
                        },
                        {
                            "value": "0.00036",
                            "scoring_system": "epss",
                            "scoring_elements": "0.1108",
                            "published_at": "2026-06-12T12:55:00Z"
                        },
                        {
                            "value": "0.00036",
                            "scoring_system": "epss",
                            "scoring_elements": "0.11075",
                            "published_at": "2026-06-13T12:55:00Z"
                        },
                        {
                            "value": "0.00036",
                            "scoring_system": "epss",
                            "scoring_elements": "0.11043",
                            "published_at": "2026-06-14T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25723"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25723",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25723"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898579",
                    "reference_id": "1898579",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898579"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975276",
                    "reference_id": "975276",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975276"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:0648",
                    "reference_id": "RHSA-2021:0648",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:0648"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:0771",
                    "reference_id": "RHSA-2021:0771",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:0771"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:1762",
                    "reference_id": "RHSA-2021:1762",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:1762"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/4650-1/",
                    "reference_id": "USN-4650-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/4650-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/8412-1/",
                    "reference_id": "USN-8412-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/8412-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/237262?format=api",
                    "purl": "pkg:apk/alpine/qemu@5.2.0-r0?arch=s390x&distroversion=v3.17&reponame=community",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.2.0-r0%3Farch=s390x&distroversion=v3.17&reponame=community"
                }
            ],
            "aliases": [
                "CVE-2020-25723"
            ],
            "risk_score": 1.4,
            "exploitability": "0.5",
            "weighted_severity": "2.9",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qm44-yfaz-7uae"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8935?format=api",
            "vulnerability_id": "VCID-stbv-95cd-bkfs",
            "summary": "",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20203.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.2",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20203.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20203",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00031",
                            "scoring_system": "epss",
                            "scoring_elements": "0.09328",
                            "published_at": "2026-06-11T12:55:00Z"
                        },
                        {
                            "value": "0.00031",
                            "scoring_system": "epss",
                            "scoring_elements": "0.0938",
                            "published_at": "2026-06-12T12:55:00Z"
                        },
                        {
                            "value": "0.00031",
                            "scoring_system": "epss",
                            "scoring_elements": "0.09379",
                            "published_at": "2026-06-13T12:55:00Z"
                        },
                        {
                            "value": "0.00031",
                            "scoring_system": "epss",
                            "scoring_elements": "0.09367",
                            "published_at": "2026-06-14T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20203"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20203",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20203"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.2",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922441",
                    "reference_id": "1922441",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922441"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984452",
                    "reference_id": "984452",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984452"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/202208-27",
                    "reference_id": "GLSA-202208-27",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/202208-27"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/5307-1/",
                    "reference_id": "USN-5307-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/5307-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/8412-1/",
                    "reference_id": "USN-8412-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/8412-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/237262?format=api",
                    "purl": "pkg:apk/alpine/qemu@5.2.0-r0?arch=s390x&distroversion=v3.17&reponame=community",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.2.0-r0%3Farch=s390x&distroversion=v3.17&reponame=community"
                }
            ],
            "aliases": [
                "CVE-2021-20203"
            ],
            "risk_score": 1.4,
            "exploitability": "0.5",
            "weighted_severity": "2.9",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-stbv-95cd-bkfs"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/177223?format=api",
            "vulnerability_id": "VCID-t4ey-5gef-4qcw",
            "summary": "Multiple vulnerabilities have been discovered in QEMU, the worst of which could result in remote code execution (guest sandbox escape).",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35517.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35517.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35517",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00113",
                            "scoring_system": "epss",
                            "scoring_elements": "0.29483",
                            "published_at": "2026-06-11T12:55:00Z"
                        },
                        {
                            "value": "0.00113",
                            "scoring_system": "epss",
                            "scoring_elements": "0.29685",
                            "published_at": "2026-06-12T12:55:00Z"
                        },
                        {
                            "value": "0.00113",
                            "scoring_system": "epss",
                            "scoring_elements": "0.29703",
                            "published_at": "2026-06-13T12:55:00Z"
                        },
                        {
                            "value": "0.00113",
                            "scoring_system": "epss",
                            "scoring_elements": "0.29687",
                            "published_at": "2026-06-14T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35517"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35517",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35517"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1915823",
                    "reference_id": "1915823",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1915823"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980814",
                    "reference_id": "980814",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980814"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/202208-27",
                    "reference_id": "GLSA-202208-27",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/202208-27"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:0711",
                    "reference_id": "RHSA-2021:0711",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:0711"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2021:0743",
                    "reference_id": "RHSA-2021:0743",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2021:0743"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/5010-1/",
                    "reference_id": "USN-5010-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/5010-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/237262?format=api",
                    "purl": "pkg:apk/alpine/qemu@5.2.0-r0?arch=s390x&distroversion=v3.17&reponame=community",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.2.0-r0%3Farch=s390x&distroversion=v3.17&reponame=community"
                }
            ],
            "aliases": [
                "CVE-2020-35517"
            ],
            "risk_score": 3.4,
            "exploitability": "0.5",
            "weighted_severity": "6.8",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4ey-5gef-4qcw"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8273?format=api",
            "vulnerability_id": "VCID-uumz-jgqk-6ke6",
            "summary": "",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25743.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.2",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25743.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25743",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00044",
                            "scoring_system": "epss",
                            "scoring_elements": "0.13811",
                            "published_at": "2026-06-11T12:55:00Z"
                        },
                        {
                            "value": "0.00044",
                            "scoring_system": "epss",
                            "scoring_elements": "0.13928",
                            "published_at": "2026-06-12T12:55:00Z"
                        },
                        {
                            "value": "0.00044",
                            "scoring_system": "epss",
                            "scoring_elements": "0.13926",
                            "published_at": "2026-06-13T12:55:00Z"
                        },
                        {
                            "value": "0.00044",
                            "scoring_system": "epss",
                            "scoring_elements": "0.13896",
                            "published_at": "2026-06-14T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25743"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25743",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25743"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.4",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881409",
                    "reference_id": "1881409",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881409"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970940",
                    "reference_id": "970940",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970940"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/237262?format=api",
                    "purl": "pkg:apk/alpine/qemu@5.2.0-r0?arch=s390x&distroversion=v3.17&reponame=community",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.2.0-r0%3Farch=s390x&distroversion=v3.17&reponame=community"
                }
            ],
            "aliases": [
                "CVE-2020-25743"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uumz-jgqk-6ke6"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8364?format=api",
            "vulnerability_id": "VCID-xcgx-6d63-cye9",
            "summary": "",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27661.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.8",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27661.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27661",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00176",
                            "scoring_system": "epss",
                            "scoring_elements": "0.38863",
                            "published_at": "2026-06-11T12:55:00Z"
                        },
                        {
                            "value": "0.00176",
                            "scoring_system": "epss",
                            "scoring_elements": "0.39035",
                            "published_at": "2026-06-12T12:55:00Z"
                        },
                        {
                            "value": "0.00176",
                            "scoring_system": "epss",
                            "scoring_elements": "0.39058",
                            "published_at": "2026-06-13T12:55:00Z"
                        },
                        {
                            "value": "0.00176",
                            "scoring_system": "epss",
                            "scoring_elements": "0.39049",
                            "published_at": "2026-06-14T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27661"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27661",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27661"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890653",
                    "reference_id": "1890653",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890653"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972864",
                    "reference_id": "972864",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972864"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/237262?format=api",
                    "purl": "pkg:apk/alpine/qemu@5.2.0-r0?arch=s390x&distroversion=v3.17&reponame=community",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.2.0-r0%3Farch=s390x&distroversion=v3.17&reponame=community"
                }
            ],
            "aliases": [
                "CVE-2020-27661"
            ],
            "risk_score": 1.7,
            "exploitability": "0.5",
            "weighted_severity": "3.4",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xcgx-6d63-cye9"
        }
    ],
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qemu@5.2.0-r0%3Farch=s390x&distroversion=v3.17&reponame=community"
}

Package Instance