Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/585014?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/585014?format=api", "purl": "pkg:deb/debian/clamav@0.88.5-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "clamav", "version": "0.88.5-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "0.88.7-1", "latest_non_vulnerable_version": "1.4.4+dfsg-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91605?format=api", "vulnerability_id": "VCID-14ba-3s5a-2ff3", "summary": "Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to \"read an invalid memory location.\"", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-5295", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25198", "scoring_system": "epss", "scoring_elements": "0.96149", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.25198", "scoring_system": "epss", "scoring_elements": "0.96157", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.25198", "scoring_system": "epss", "scoring_elements": "0.96164", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.25198", "scoring_system": "epss", "scoring_elements": "0.96167", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.25198", "scoring_system": "epss", "scoring_elements": "0.96178", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.25198", "scoring_system": "epss", "scoring_elements": "0.96181", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.25198", "scoring_system": "epss", "scoring_elements": "0.96185", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.25198", "scoring_system": "epss", "scoring_elements": "0.96188", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.25198", "scoring_system": "epss", "scoring_elements": "0.96196", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.25198", "scoring_system": "epss", "scoring_elements": "0.96201", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-5295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5295" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=393445", "reference_id": "393445", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=393445" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/2586.pl", "reference_id": "OSVDB-29774;CVE-2006-5295", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/2586.pl" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585014?format=api", "purl": "pkg:deb/debian/clamav@0.88.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.88.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582099?format=api", "purl": "pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kba-63mx-hya7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582100?format=api", "purl": "pkg:deb/debian/clamav@1.4.3%2Bdfsg-1~deb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kba-63mx-hya7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582101?format=api", "purl": "pkg:deb/debian/clamav@1.4.3%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kba-63mx-hya7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582102?format=api", "purl": "pkg:deb/debian/clamav@1.4.3%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kba-63mx-hya7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1063042?format=api", "purl": "pkg:deb/debian/clamav@1.4.4%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.4%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-5295" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-14ba-3s5a-2ff3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51197?format=api", "vulnerability_id": "VCID-9zc3-mqdn-ufd2", "summary": "ClamAV is vulnerable to a heap-based buffer overflow potentially allowing\n remote execution of arbitrary code and a Denial of Service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4182", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16623", "scoring_system": "epss", "scoring_elements": "0.94891", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.16623", "scoring_system": "epss", "scoring_elements": "0.949", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.16623", "scoring_system": "epss", "scoring_elements": "0.94903", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.16623", "scoring_system": "epss", "scoring_elements": "0.94905", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.16623", "scoring_system": "epss", "scoring_elements": "0.94914", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.16623", "scoring_system": "epss", "scoring_elements": "0.94918", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.16623", "scoring_system": "epss", "scoring_elements": "0.94922", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.16623", "scoring_system": "epss", "scoring_elements": "0.94924", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.16623", "scoring_system": "epss", "scoring_elements": "0.94927", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.16623", "scoring_system": "epss", "scoring_elements": "0.94934", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.16623", "scoring_system": "epss", "scoring_elements": "0.94938", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.16623", "scoring_system": "epss", "scoring_elements": "0.94942", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4182" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=393445", "reference_id": "393445", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=393445" }, { "reference_url": "https://security.gentoo.org/glsa/200610-10", "reference_id": "GLSA-200610-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200610-10" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/2587.txt", "reference_id": "OSVDB-29773;CVE-2006-4182", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/2587.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585014?format=api", "purl": "pkg:deb/debian/clamav@0.88.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.88.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582099?format=api", "purl": "pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kba-63mx-hya7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582100?format=api", "purl": "pkg:deb/debian/clamav@1.4.3%2Bdfsg-1~deb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kba-63mx-hya7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-1~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582101?format=api", "purl": "pkg:deb/debian/clamav@1.4.3%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kba-63mx-hya7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582102?format=api", "purl": "pkg:deb/debian/clamav@1.4.3%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5kba-63mx-hya7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1063042?format=api", "purl": "pkg:deb/debian/clamav@1.4.4%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.4%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-4182" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9zc3-mqdn-ufd2" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.88.5-1%3Fdistro=trixie" }