VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/30187?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/30187?format=api",
    "purl": "pkg:pypi/apache-iotdb@0.13.2",
    "type": "pypi",
    "namespace": "",
    "name": "apache-iotdb",
    "version": "0.13.2",
    "qualifiers": {},
    "subpath": "",
    "is_vulnerable": true,
    "next_non_vulnerable_version": "2.0.5",
    "latest_non_vulnerable_version": "2.0.5",
    "affected_by_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9393?format=api",
            "vulnerability_id": "VCID-5xmw-u38h-4yhs",
            "summary": "Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB.\n\nThis issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2.\n\nUsers are recommended to upgrade to version 1.3.4 and 2.0.2, which fix the issue.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26864",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.0049",
                            "scoring_system": "epss",
                            "scoring_elements": "0.6588",
                            "published_at": "2026-05-30T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26864"
                },
                {
                    "reference_url": "https://github.com/apache/iotdb",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.9",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/apache/iotdb"
                },
                {
                    "reference_url": "https://github.com/apache/iotdb/commit/34fcaff6b72470d5ad369307dde7fae8897aea7e",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.9",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/apache/iotdb/commit/34fcaff6b72470d5ad369307dde7fae8897aea7e"
                },
                {
                    "reference_url": "https://github.com/apache/iotdb/pull/14863",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.9",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/apache/iotdb/pull/14863"
                },
                {
                    "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/apache-iotdb/PYSEC-2025-60.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.9",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/pypa/advisory-database/tree/main/vulns/apache-iotdb/PYSEC-2025-60.yaml"
                },
                {
                    "reference_url": "https://lists.apache.org/thread/2kcjnlypppk8qjh17dpz0jvkcpn6l162",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "6.9",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-19T18:41:20Z/"
                        }
                    ],
                    "url": "https://lists.apache.org/thread/2kcjnlypppk8qjh17dpz0jvkcpn6l162"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26864",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.9",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26864"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2025/05/14/4",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.9",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://www.openwall.com/lists/oss-security/2025/05/14/4"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-5fc3-pqf2-57cx",
                    "reference_id": "GHSA-5fc3-pqf2-57cx",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-5fc3-pqf2-57cx"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/44034?format=api",
                    "purl": "pkg:pypi/apache-iotdb@1.3.4",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-skcm-h3kp-xygf"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/apache-iotdb@1.3.4"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/45255?format=api",
                    "purl": "pkg:pypi/apache-iotdb@2.0.2",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-skcm-h3kp-xygf"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/apache-iotdb@2.0.2"
                }
            ],
            "aliases": [
                "CVE-2025-26864",
                "GHSA-5fc3-pqf2-57cx",
                "PYSEC-2025-60"
            ],
            "risk_score": null,
            "exploitability": "0.5",
            "weighted_severity": "0.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5xmw-u38h-4yhs"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8753?format=api",
            "vulnerability_id": "VCID-dh97-ydsf-8ken",
            "summary": "Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3.\n\nAttackers could login without authorization. This is fixed in 0.13.4.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24831",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00189",
                            "scoring_system": "epss",
                            "scoring_elements": "0.4052",
                            "published_at": "2026-05-30T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24831"
                },
                {
                    "reference_url": "https://github.com/apache/iotdb",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/apache/iotdb"
                },
                {
                    "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/apache-iotdb/PYSEC-2023-7.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/pypa/advisory-database/tree/main/vulns/apache-iotdb/PYSEC-2023-7.yaml"
                },
                {
                    "reference_url": "https://lists.apache.org/thread/3dgvzgstycf8b5hyf4z3n7cqdhcyln3l",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-21T14:14:59Z/"
                        }
                    ],
                    "url": "https://lists.apache.org/thread/3dgvzgstycf8b5hyf4z3n7cqdhcyln3l"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24831",
                    "reference_id": "CVE-2023-24831",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "9.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "CRITICAL",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24831"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-pvjv-386f-c8wh",
                    "reference_id": "GHSA-pvjv-386f-c8wh",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "CRITICAL",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-pvjv-386f-c8wh"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/32172?format=api",
                    "purl": "pkg:pypi/apache-iotdb@0.13.5",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-5xmw-u38h-4yhs"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/apache-iotdb@0.13.5"
                }
            ],
            "aliases": [
                "CVE-2023-24831",
                "GHSA-pvjv-386f-c8wh",
                "PYSEC-2023-7"
            ],
            "risk_score": null,
            "exploitability": "0.5",
            "weighted_severity": "0.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dh97-ydsf-8ken"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8703?format=api",
            "vulnerability_id": "VCID-egqv-s8yr-7ybs",
            "summary": "Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 before 0.13.3.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24830",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.01536",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81648",
                            "published_at": "2026-05-30T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24830"
                },
                {
                    "reference_url": "https://github.com/apache/iotdb",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/apache/iotdb"
                },
                {
                    "reference_url": "https://lists.apache.org/thread/l4fon37687jz5ohgsnz2ko9fv400915t",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-28T14:24:29Z/"
                        }
                    ],
                    "url": "https://lists.apache.org/thread/l4fon37687jz5ohgsnz2ko9fv400915t"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24830",
                    "reference_id": "CVE-2023-24830",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24830"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-pp4w-9x82-6r47",
                    "reference_id": "GHSA-pp4w-9x82-6r47",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-pp4w-9x82-6r47"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/30188?format=api",
                    "purl": "pkg:pypi/apache-iotdb@0.13.3",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-5xmw-u38h-4yhs"
                        },
                        {
                            "vulnerability": "VCID-dh97-ydsf-8ken"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/apache-iotdb@0.13.3"
                }
            ],
            "aliases": [
                "CVE-2023-24830",
                "GHSA-pp4w-9x82-6r47",
                "PYSEC-2023-6"
            ],
            "risk_score": null,
            "exploitability": "0.5",
            "weighted_severity": "0.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-egqv-s8yr-7ybs"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8705?format=api",
            "vulnerability_id": "VCID-mhq7-q537-sue2",
            "summary": "Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This issue affects the iotdb-web-workbench component from 0.13.0 before 0.13.3. iotdb-web-workbench is an optional component of IoTDB, providing a web console of the database. This problem is fixed from version 0.13.3 of iotdb-web-workbench onwards.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24829",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00585",
                            "scoring_system": "epss",
                            "scoring_elements": "0.69392",
                            "published_at": "2026-05-30T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24829"
                },
                {
                    "reference_url": "https://lists.apache.org/thread/l0b59hh046tyn4gqot0bdrpg8gxlksmo",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "8.8",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-27T17:13:16Z/"
                        }
                    ],
                    "url": "https://lists.apache.org/thread/l0b59hh046tyn4gqot0bdrpg8gxlksmo"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24829",
                    "reference_id": "CVE-2023-24829",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24829"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/30188?format=api",
                    "purl": "pkg:pypi/apache-iotdb@0.13.3",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-5xmw-u38h-4yhs"
                        },
                        {
                            "vulnerability": "VCID-dh97-ydsf-8ken"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/apache-iotdb@0.13.3"
                }
            ],
            "aliases": [
                "CVE-2023-24829",
                "PYSEC-2023-5"
            ],
            "risk_score": null,
            "exploitability": "0.5",
            "weighted_severity": "0.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mhq7-q537-sue2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8570?format=api",
            "vulnerability_id": "VCID-ybcb-w79y-p3ga",
            "summary": "Apache IoTDB version 0.12.2 to 0.12.6, 0.13.0 to 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. Users should upgrade to 0.13.3 which addresses this issue or use a later version of Java to avoid it.",
            "references": [
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43766",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.02279",
                            "scoring_system": "epss",
                            "scoring_elements": "0.84945",
                            "published_at": "2026-05-30T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43766"
                },
                {
                    "reference_url": "https://github.com/apache/iotdb",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "8.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/apache/iotdb"
                },
                {
                    "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/apache-iotdb/PYSEC-2022-42972.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "8.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/pypa/advisory-database/tree/main/vulns/apache-iotdb/PYSEC-2022-42972.yaml"
                },
                {
                    "reference_url": "https://lists.apache.org/thread/9pgpb82p5brooy41n8l5q0y9h33db2zn",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "8.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-07T13:38:38Z/"
                        }
                    ],
                    "url": "https://lists.apache.org/thread/9pgpb82p5brooy41n8l5q0y9h33db2zn"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43766",
                    "reference_id": "CVE-2022-43766",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        },
                        {
                            "value": "8.7",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43766"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-g6hg-4v3c-6jq7",
                    "reference_id": "GHSA-g6hg-4v3c-6jq7",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-g6hg-4v3c-6jq7"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/30188?format=api",
                    "purl": "pkg:pypi/apache-iotdb@0.13.3",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-5xmw-u38h-4yhs"
                        },
                        {
                            "vulnerability": "VCID-dh97-ydsf-8ken"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/apache-iotdb@0.13.3"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/28407?format=api",
                    "purl": "pkg:pypi/apache-iotdb@0.14.0rc1",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-5xmw-u38h-4yhs"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/apache-iotdb@0.14.0rc1"
                }
            ],
            "aliases": [
                "CVE-2022-43766",
                "GHSA-g6hg-4v3c-6jq7",
                "PYSEC-2022-42972"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ybcb-w79y-p3ga"
        }
    ],
    "fixing_vulnerabilities": [],
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/apache-iotdb@0.13.2"
}

Package Instance