Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/2434?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/2434?format=api", "purl": "pkg:alpm/archlinux/libcurl-compat@7.56.1-1", "type": "alpm", "namespace": "archlinux", "name": "libcurl-compat", "version": "7.56.1-1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "7.53.0-1", "latest_non_vulnerable_version": "7.79.0-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/685?format=api", "vulnerability_id": "VCID-3a88-rrsx-bkex", "summary": "NTLM buffer overflow via integer overflow", "references": [ { "reference_url": "https://curl.se/docs/CVE-2017-8816.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-8816.html" }, { "reference_url": "https://security.archlinux.org/ASA-201711-36", "reference_id": "ASA-201711-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-36" }, { "reference_url": "https://security.archlinux.org/ASA-201711-37", "reference_id": "ASA-201711-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-37" }, { "reference_url": "https://security.archlinux.org/ASA-201711-38", "reference_id": "ASA-201711-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-38" }, { "reference_url": "https://security.archlinux.org/AVG-521", "reference_id": "AVG-521", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-521" }, { "reference_url": "https://security.archlinux.org/AVG-522", "reference_id": "AVG-522", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-522" }, { "reference_url": "https://security.archlinux.org/AVG-523", "reference_id": "AVG-523", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-523" }, { "reference_url": "https://security.archlinux.org/AVG-527", "reference_id": "AVG-527", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-527" }, { "reference_url": "https://security.archlinux.org/AVG-528", "reference_id": "AVG-528", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-528" }, { "reference_url": "https://security.archlinux.org/AVG-529", "reference_id": "AVG-529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-529" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2435?format=api", "purl": "pkg:alpm/archlinux/libcurl-compat@7.57.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-q45p-gz7v-53aa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-compat@7.57.0-1" } ], "aliases": [ "CVE-2017-8816" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3a88-rrsx-bkex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/683?format=api", "vulnerability_id": "VCID-pmd1-casv-zuhe", "summary": "SSL out of buffer access", "references": [ { "reference_url": "https://curl.se/docs/CVE-2017-8818.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-8818.html" }, { "reference_url": "https://security.archlinux.org/ASA-201711-36", "reference_id": "ASA-201711-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-36" }, { "reference_url": "https://security.archlinux.org/ASA-201711-37", "reference_id": "ASA-201711-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-37" }, { "reference_url": "https://security.archlinux.org/ASA-201711-38", "reference_id": "ASA-201711-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-38" }, { "reference_url": "https://security.archlinux.org/AVG-521", "reference_id": "AVG-521", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-521" }, { "reference_url": "https://security.archlinux.org/AVG-522", "reference_id": "AVG-522", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-522" }, { "reference_url": "https://security.archlinux.org/AVG-523", "reference_id": "AVG-523", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-523" }, { "reference_url": "https://security.archlinux.org/AVG-527", "reference_id": "AVG-527", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-527" }, { "reference_url": "https://security.archlinux.org/AVG-528", "reference_id": "AVG-528", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-528" }, { "reference_url": "https://security.archlinux.org/AVG-529", "reference_id": "AVG-529", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-529" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2435?format=api", "purl": "pkg:alpm/archlinux/libcurl-compat@7.57.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-q45p-gz7v-53aa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-compat@7.57.0-1" } ], "aliases": [ "CVE-2017-8818" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pmd1-casv-zuhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/684?format=api", "vulnerability_id": "VCID-x6bb-299t-mfhx", "summary": "FTP wildcard out of bounds read", "references": [ { "reference_url": "https://curl.se/docs/CVE-2017-8817.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-8817.html" }, { "reference_url": "https://security.archlinux.org/ASA-201711-33", "reference_id": "ASA-201711-33", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-33" }, { "reference_url": "https://security.archlinux.org/ASA-201711-34", "reference_id": "ASA-201711-34", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-34" }, { "reference_url": "https://security.archlinux.org/ASA-201711-35", "reference_id": "ASA-201711-35", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-35" }, { "reference_url": "https://security.archlinux.org/ASA-201711-36", "reference_id": "ASA-201711-36", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-36" }, { "reference_url": "https://security.archlinux.org/ASA-201711-37", "reference_id": "ASA-201711-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-37" }, { "reference_url": "https://security.archlinux.org/ASA-201711-38", "reference_id": "ASA-201711-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-38" }, { "reference_url": "https://security.archlinux.org/AVG-521", "reference_id": "AVG-521", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-521" }, { "reference_url": "https://security.archlinux.org/AVG-522", "reference_id": "AVG-522", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-522" }, { "reference_url": "https://security.archlinux.org/AVG-523", "reference_id": "AVG-523", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-523" }, { "reference_url": "https://security.archlinux.org/AVG-524", "reference_id": "AVG-524", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-524" }, { "reference_url": "https://security.archlinux.org/AVG-525", "reference_id": "AVG-525", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-525" }, { "reference_url": "https://security.archlinux.org/AVG-526", "reference_id": "AVG-526", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-526" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2435?format=api", "purl": "pkg:alpm/archlinux/libcurl-compat@7.57.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b3wx-mq6y-gye7" }, { "vulnerability": "VCID-q45p-gz7v-53aa" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-compat@7.57.0-1" } ], "aliases": [ "CVE-2017-8817" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6bb-299t-mfhx" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/686?format=api", "vulnerability_id": "VCID-37es-qgwr-c3ep", "summary": "IMAP FETCH response out of bounds read", "references": [ { "reference_url": "https://curl.se/docs/CVE-2017-1000257.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "cvssv3.1", "scoring_elements": "" } ], "url": "https://curl.se/docs/CVE-2017-1000257.html" }, { "reference_url": "https://security.archlinux.org/ASA-201711-10", "reference_id": "ASA-201711-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-10" }, { "reference_url": "https://security.archlinux.org/ASA-201711-11", "reference_id": "ASA-201711-11", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-11" }, { "reference_url": "https://security.archlinux.org/ASA-201711-6", "reference_id": "ASA-201711-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-6" }, { "reference_url": "https://security.archlinux.org/ASA-201711-7", "reference_id": "ASA-201711-7", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-7" }, { "reference_url": "https://security.archlinux.org/ASA-201711-8", "reference_id": "ASA-201711-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-8" }, { "reference_url": "https://security.archlinux.org/ASA-201711-9", "reference_id": "ASA-201711-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-9" }, { "reference_url": "https://security.archlinux.org/AVG-462", "reference_id": "AVG-462", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-462" }, { "reference_url": "https://security.archlinux.org/AVG-463", "reference_id": "AVG-463", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-463" }, { "reference_url": "https://security.archlinux.org/AVG-464", "reference_id": "AVG-464", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-464" }, { "reference_url": "https://security.archlinux.org/AVG-465", "reference_id": "AVG-465", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-465" }, { "reference_url": "https://security.archlinux.org/AVG-466", "reference_id": "AVG-466", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-466" }, { "reference_url": "https://security.archlinux.org/AVG-467", "reference_id": "AVG-467", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-467" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2434?format=api", "purl": "pkg:alpm/archlinux/libcurl-compat@7.56.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a88-rrsx-bkex" }, { "vulnerability": "VCID-pmd1-casv-zuhe" }, { "vulnerability": "VCID-x6bb-299t-mfhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-compat@7.56.1-1" } ], "aliases": [ "CVE-2017-1000257" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-37es-qgwr-c3ep" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libcurl-compat@7.56.1-1" }