Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/449200?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/449200?format=api", "purl": "pkg:apk/alpine/klibc@2.0.9-r0?arch=x86_64&distroversion=edge&reponame=community", "type": "apk", "namespace": "alpine", "name": "klibc", "version": "2.0.9-r0", "qualifiers": { "arch": "x86_64", "distroversion": "edge", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94738?format=api", "vulnerability_id": "VCID-36y6-h6vw-xkc1", "summary": "An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-31871", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.81564", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.81576", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.81597", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.81595", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.81623", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.81628", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.81648", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.81635", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-31871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31871" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989505", "reference_id": "989505", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989505" }, { "reference_url": "https://usn.ubuntu.com/5379-1/", "reference_id": "USN-5379-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5379-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/449200?format=api", "purl": "pkg:apk/alpine/klibc@2.0.9-r0?arch=x86_64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/klibc@2.0.9-r0%3Farch=x86_64&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2021-31871" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-36y6-h6vw-xkc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94740?format=api", "vulnerability_id": "VCID-exyu-7j28-43ga", "summary": "An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-31873", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75452", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75455", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75486", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75466", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75508", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75518", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75537", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75516", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75506", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-31873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31873" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989505", "reference_id": "989505", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989505" }, { "reference_url": "https://usn.ubuntu.com/5379-1/", "reference_id": "USN-5379-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5379-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/449200?format=api", "purl": "pkg:apk/alpine/klibc@2.0.9-r0?arch=x86_64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/klibc@2.0.9-r0%3Farch=x86_64&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2021-31873" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-exyu-7j28-43ga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94739?format=api", "vulnerability_id": "VCID-s96y-8z6t-3yff", "summary": "An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-31872", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01173", "scoring_system": "epss", "scoring_elements": "0.78639", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01173", "scoring_system": "epss", "scoring_elements": "0.78645", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01173", "scoring_system": "epss", "scoring_elements": "0.78675", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01173", "scoring_system": "epss", "scoring_elements": "0.78656", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01173", "scoring_system": "epss", "scoring_elements": "0.78682", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01173", "scoring_system": "epss", "scoring_elements": "0.78688", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01173", "scoring_system": "epss", "scoring_elements": "0.78713", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01173", "scoring_system": "epss", "scoring_elements": "0.78695", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01173", "scoring_system": "epss", "scoring_elements": "0.78687", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-31872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31872" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989505", "reference_id": "989505", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989505" }, { "reference_url": "https://usn.ubuntu.com/5379-1/", "reference_id": "USN-5379-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5379-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/449200?format=api", "purl": "pkg:apk/alpine/klibc@2.0.9-r0?arch=x86_64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/klibc@2.0.9-r0%3Farch=x86_64&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2021-31872" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s96y-8z6t-3yff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94737?format=api", "vulnerability_id": "VCID-z6ae-emwm-wkb3", "summary": "An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-31870", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01279", "scoring_system": "epss", "scoring_elements": "0.79518", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01279", "scoring_system": "epss", "scoring_elements": "0.79524", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01279", "scoring_system": "epss", "scoring_elements": "0.79547", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01279", "scoring_system": "epss", "scoring_elements": "0.79534", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01279", "scoring_system": "epss", "scoring_elements": "0.79562", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01279", "scoring_system": "epss", "scoring_elements": "0.7957", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01279", "scoring_system": "epss", "scoring_elements": "0.79592", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01279", "scoring_system": "epss", "scoring_elements": "0.79575", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01279", "scoring_system": "epss", "scoring_elements": "0.79567", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-31870" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31870" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989505", "reference_id": "989505", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989505" }, { "reference_url": "https://usn.ubuntu.com/5379-1/", "reference_id": "USN-5379-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5379-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/449200?format=api", "purl": "pkg:apk/alpine/klibc@2.0.9-r0?arch=x86_64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/klibc@2.0.9-r0%3Farch=x86_64&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2021-31870" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6ae-emwm-wkb3" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/klibc@2.0.9-r0%3Farch=x86_64&distroversion=edge&reponame=community" }