Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/462829?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/462829?format=api", "purl": "pkg:apk/alpine/xen@4.10.1-r1?arch=riscv64&distroversion=edge&reponame=main", "type": "apk", "namespace": "alpine", "name": "xen", "version": "4.10.1-r1", "qualifiers": { "arch": "riscv64", "distroversion": "edge", "reponame": "main" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "4.11.0-r0", "latest_non_vulnerable_version": "4.21.1-r4", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106346?format=api", "vulnerability_id": "VCID-myz7-2ecf-ukg2", "summary": "An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10981.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10981.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10981", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21799", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2188", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21868", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21821", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10471", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10471" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10982", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10982" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8897" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571881", "reference_id": "1571881", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571881" }, { "reference_url": "https://security.gentoo.org/glsa/201810-06", "reference_id": "GLSA-201810-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-06" }, { "reference_url": "https://xenbits.xen.org/xsa/advisory-262.html", "reference_id": "XSA-262", "reference_type": "", "scores": [], "url": "https://xenbits.xen.org/xsa/advisory-262.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/462829?format=api", "purl": "pkg:apk/alpine/xen@4.10.1-r1?arch=riscv64&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.10.1-r1%3Farch=riscv64&distroversion=edge&reponame=main" } ], "aliases": [ "CVE-2018-10981", "XSA-262" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-myz7-2ecf-ukg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106347?format=api", "vulnerability_id": "VCID-rrzw-b91j-m7cz", "summary": "An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10982.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10982.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10982", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21295", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21375", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.2136", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21313", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10982" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10471", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10471" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10982", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10982" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8897" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571880", "reference_id": "1571880", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1571880" }, { "reference_url": "https://security.gentoo.org/glsa/201810-06", "reference_id": "GLSA-201810-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-06" }, { "reference_url": "https://xenbits.xen.org/xsa/advisory-261.html", "reference_id": "XSA-261", "reference_type": "", "scores": [], "url": "https://xenbits.xen.org/xsa/advisory-261.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/462829?format=api", "purl": "pkg:apk/alpine/xen@4.10.1-r1?arch=riscv64&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.10.1-r1%3Farch=riscv64&distroversion=edge&reponame=main" } ], "aliases": [ "CVE-2018-10982", "XSA-261" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrzw-b91j-m7cz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6295?format=api", "vulnerability_id": "VCID-zyd4-ebcu-6qdt", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8897.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8897.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24723", "scoring_system": "epss", "scoring_elements": "0.96253", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.24723", "scoring_system": "epss", "scoring_elements": "0.96246", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.24723", "scoring_system": "epss", "scoring_elements": "0.96251", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10471", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10471" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1087", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1087" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10982", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10982" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8897" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567074", "reference_id": "1567074", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1567074" }, { "reference_url": "https://security.archlinux.org/AVG-701", "reference_id": "AVG-701", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-701" }, { "reference_url": "https://security.archlinux.org/AVG-702", "reference_id": "AVG-702", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-702" }, { "reference_url": "https://security.archlinux.org/AVG-703", "reference_id": "AVG-703", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-703" }, { "reference_url": "https://security.archlinux.org/AVG-704", "reference_id": "AVG-704", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-704" }, { "reference_url": "https://github.com/can1357/CVE-2018-8897", "reference_id": "CVE-2018-8897", "reference_type": "exploit", "scores": [], "url": "https://github.com/can1357/CVE-2018-8897" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/44697.txt", "reference_id": "CVE-2018-8897", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/44697.txt" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/45024.rb", "reference_id": "CVE-2018-8897", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/45024.rb" }, { "reference_url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/b40a1467232a84c19b0c8f16a36e2b9973cab951/modules/exploits/windows/local/mov_ss.rb", "reference_id": "CVE-2018-8897", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/b40a1467232a84c19b0c8f16a36e2b9973cab951/modules/exploits/windows/local/mov_ss.rb" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1318", "reference_id": "RHSA-2018:1318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1319", "reference_id": "RHSA-2018:1319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1345", "reference_id": "RHSA-2018:1345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1345" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1346", "reference_id": "RHSA-2018:1346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1347", "reference_id": "RHSA-2018:1347", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1348", "reference_id": "RHSA-2018:1348", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1349", "reference_id": "RHSA-2018:1349", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1350", "reference_id": "RHSA-2018:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1351", "reference_id": "RHSA-2018:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1352", "reference_id": "RHSA-2018:1352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1353", "reference_id": "RHSA-2018:1353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1354", "reference_id": "RHSA-2018:1354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1355", "reference_id": "RHSA-2018:1355", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1524", "reference_id": "RHSA-2018:1524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1710", "reference_id": "RHSA-2018:1710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1711", "reference_id": "RHSA-2018:1711", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1711" }, { "reference_url": "https://usn.ubuntu.com/3641-1/", "reference_id": "USN-3641-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3641-1/" }, { "reference_url": "https://usn.ubuntu.com/3641-2/", "reference_id": "USN-3641-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3641-2/" }, { "reference_url": "https://xenbits.xen.org/xsa/advisory-260.html", "reference_id": "XSA-260", "reference_type": "", "scores": [], "url": "https://xenbits.xen.org/xsa/advisory-260.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/462829?format=api", "purl": "pkg:apk/alpine/xen@4.10.1-r1?arch=riscv64&distroversion=edge&reponame=main", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.10.1-r1%3Farch=riscv64&distroversion=edge&reponame=main" } ], "aliases": [ "CVE-2018-8897", "XSA-260" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zyd4-ebcu-6qdt" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.10.1-r1%3Farch=riscv64&distroversion=edge&reponame=main" }