Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/514955?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/514955?format=api", "purl": "pkg:apk/alpine/cacti@1.2.8-r0?arch=aarch64&distroversion=v3.14&reponame=community", "type": "apk", "namespace": "alpine", "name": "cacti", "version": "1.2.8-r0", "qualifiers": { "arch": "aarch64", "distroversion": "v3.14", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.2.13-r0", "latest_non_vulnerable_version": "1.2.17-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49288?format=api", "vulnerability_id": "VCID-9swv-zvke-ubet", "summary": "Multiple vulnerabilities have been found in Cacti, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8813", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93926", "scoring_system": "epss", "scoring_elements": "0.99879", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.93926", "scoring_system": "epss", "scoring_elements": "0.9988", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.94091", "scoring_system": "epss", "scoring_elements": "0.99904", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.94091", "scoring_system": "epss", "scoring_elements": "0.99905", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-8813" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8813", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8813" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951832", "reference_id": "951832", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951832" }, { "reference_url": "https://github.com/mhaskar/CVE-2020-8813/blob/4877c2b2f378ce5937f56b259b69b02840514d4c/Cacti-postauth-rce.py", "reference_id": "CVE-2020-8813", "reference_type": "exploit", "scores": [], "url": "https://github.com/mhaskar/CVE-2020-8813/blob/4877c2b2f378ce5937f56b259b69b02840514d4c/Cacti-postauth-rce.py" }, { "reference_url": "https://github.com/mhaskar/CVE-2020-8813/blob/dfb48378f39249ff54ecf24ccd3b89db26971ccf/Cacti-preauth-rce.py", "reference_id": "CVE-2020-8813", "reference_type": "exploit", "scores": [], "url": "https://github.com/mhaskar/CVE-2020-8813/blob/dfb48378f39249ff54ecf24ccd3b89db26971ccf/Cacti-preauth-rce.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/48144.py", "reference_id": "CVE-2020-8813", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/48144.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/48145.py", "reference_id": "CVE-2020-8813", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/48145.py" }, { "reference_url": "https://security.gentoo.org/glsa/202004-16", "reference_id": "GLSA-202004-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202004-16" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/514955?format=api", "purl": "pkg:apk/alpine/cacti@1.2.8-r0?arch=aarch64&distroversion=v3.14&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.8-r0%3Farch=aarch64&distroversion=v3.14&reponame=community" } ], "aliases": [ "CVE-2020-8813" ], "risk_score": 1.6, "exploitability": "2.0", "weighted_severity": "0.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9swv-zvke-ubet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41773?format=api", "vulnerability_id": "VCID-cxs3-zh36-m7en", "summary": "Multiple vulnerabilities have been found in Cacti, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7106", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04094", "scoring_system": "epss", "scoring_elements": "0.88531", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04094", "scoring_system": "epss", "scoring_elements": "0.88539", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04094", "scoring_system": "epss", "scoring_elements": "0.88556", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04094", "scoring_system": "epss", "scoring_elements": "0.88559", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04094", "scoring_system": "epss", "scoring_elements": "0.88577", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04094", "scoring_system": "epss", "scoring_elements": "0.88582", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04094", "scoring_system": "epss", "scoring_elements": "0.88594", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04094", "scoring_system": "epss", "scoring_elements": "0.88586", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7106" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7106", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7106" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949996", "reference_id": "949996", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949996" }, { "reference_url": "https://security.gentoo.org/glsa/202003-40", "reference_id": "GLSA-202003-40", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-40" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/514955?format=api", "purl": "pkg:apk/alpine/cacti@1.2.8-r0?arch=aarch64&distroversion=v3.14&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.8-r0%3Farch=aarch64&distroversion=v3.14&reponame=community" } ], "aliases": [ "CVE-2020-7106" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cxs3-zh36-m7en" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41774?format=api", "vulnerability_id": "VCID-uj1s-uuyx-mya5", "summary": "Multiple vulnerabilities have been found in Cacti, the worst of\n which could lead to the remote execution of arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.46813", "scoring_system": "epss", "scoring_elements": "0.97647", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.46813", "scoring_system": "epss", "scoring_elements": "0.97653", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.46813", "scoring_system": "epss", "scoring_elements": "0.97655", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.46813", "scoring_system": "epss", "scoring_elements": "0.97656", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.46813", "scoring_system": "epss", "scoring_elements": "0.9766", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.46813", "scoring_system": "epss", "scoring_elements": "0.97662", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.46813", "scoring_system": "epss", "scoring_elements": "0.97664", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.46813", "scoring_system": "epss", "scoring_elements": "0.97667", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7237" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949997", "reference_id": "949997", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949997" }, { "reference_url": "https://security.gentoo.org/glsa/202003-40", "reference_id": "GLSA-202003-40", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-40" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/514955?format=api", "purl": "pkg:apk/alpine/cacti@1.2.8-r0?arch=aarch64&distroversion=v3.14&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.8-r0%3Farch=aarch64&distroversion=v3.14&reponame=community" } ], "aliases": [ "CVE-2020-7237" ], "risk_score": 0.2, "exploitability": "0.5", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uj1s-uuyx-mya5" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.8-r0%3Farch=aarch64&distroversion=v3.14&reponame=community" }