Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/365987?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/365987?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.9-2?distro=trixie", "type": "deb", "namespace": "debian", "name": "xine-ui", "version": "0.99.9-2", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "0.99.1", "latest_non_vulnerable_version": "0.99.14+hg20251015-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80191?format=api", "vulnerability_id": "VCID-6s2w-7wfx-mqdm", "summary": "Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-1905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07959", "scoring_system": "epss", "scoring_elements": "0.92186", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-1905" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1905" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363370", "reference_id": "363370", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363370" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27670.txt", "reference_id": "CVE-2006-1905;OSVDB-24747", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27670.txt" }, { "reference_url": "https://www.securityfocus.com/bid/17579/info", "reference_id": "CVE-2006-1905;OSVDB-24747", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/17579/info" }, { "reference_url": "https://security.gentoo.org/glsa/200604-15", "reference_id": "GLSA-200604-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200604-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/365991?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365987?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.9-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.9-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365985?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365989?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14%2Bhg20240403-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14%252Bhg20240403-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365988?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14%2Bhg20251015-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14%252Bhg20251015-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-1905" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6s2w-7wfx-mqdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79828?format=api", "vulnerability_id": "VCID-734w-jpyy-pfd7", "summary": "xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite arbitrary files via the (1) audio.sun_audio_device or (2) dxr3.devicename options in an MRL link.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1951", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02547", "scoring_system": "epss", "scoring_elements": "0.85725", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1951" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1951", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1951" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24038.txt", "reference_id": "CVE-2004-1951;OSVDB-5594", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24038.txt" }, { "reference_url": "https://www.securityfocus.com/bid/10193/info", "reference_id": "CVE-2004-1951;OSVDB-5594", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/10193/info" }, { "reference_url": "https://security.gentoo.org/glsa/200404-20", "reference_id": "GLSA-200404-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200404-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/365990?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365987?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.9-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.9-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365985?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365989?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14%2Bhg20240403-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14%252Bhg20240403-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365988?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14%2Bhg20251015-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14%252Bhg20251015-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-1951" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-734w-jpyy-pfd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79713?format=api", "vulnerability_id": "VCID-awa2-bq47-1yfx", "summary": "xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0372", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.33847", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0372" }, { "reference_url": "https://security.gentoo.org/glsa/200404-20", "reference_id": "GLSA-200404-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200404-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/365986?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365987?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.9-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.9-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365985?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365989?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14%2Bhg20240403-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14%252Bhg20240403-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365988?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14%2Bhg20251015-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14%252Bhg20251015-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0372" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-awa2-bq47-1yfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80200?format=api", "vulnerability_id": "VCID-dw4g-mpjb-nfdk", "summary": "Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack vectors involve a user-assisted, local command line argument of a non-setuid program, this issue might not be a vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2230", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.012", "scoring_system": "epss", "scoring_elements": "0.79216", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2230" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2230" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363370", "reference_id": "363370", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363370" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27791.txt", "reference_id": "CVE-2006-2230;OSVDB-25606", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27791.txt" }, { "reference_url": "https://www.securityfocus.com/bid/17769/info", "reference_id": "CVE-2006-2230;OSVDB-25606", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/17769/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/365992?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.4-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365987?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.9-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.9-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365985?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365989?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14%2Bhg20240403-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14%252Bhg20240403-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365988?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14%2Bhg20251015-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14%252Bhg20251015-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-2230" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dw4g-mpjb-nfdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80353?format=api", "vulnerability_id": "VCID-su1s-q18r-vka9", "summary": "Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-0254", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02294", "scoring_system": "epss", "scoring_elements": "0.84983", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-0254" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0254" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=407369", "reference_id": "407369", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=407369" }, { "reference_url": "https://security.gentoo.org/glsa/200701-18", "reference_id": "GLSA-200701-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200701-18" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/365993?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.4%2Bdfsg%2Bcvs20061111-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.4%252Bdfsg%252Bcvs20061111-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365987?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.9-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.9-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365985?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365989?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14%2Bhg20240403-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14%252Bhg20240403-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/365988?format=api", "purl": "pkg:deb/debian/xine-ui@0.99.14%2Bhg20251015-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.14%252Bhg20251015-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-0254" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-su1s-q18r-vka9" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xine-ui@0.99.9-2%3Fdistro=trixie" }