Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/585609?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/585609?format=api", "purl": "pkg:deb/debian/ffmpeg@7:5.0.1-2?distro=trixie", "type": "deb", "namespace": "debian", "name": "ffmpeg", "version": "7:5.0.1-2", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "7:5.1-1", "latest_non_vulnerable_version": "7:8.1-3", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90876?format=api", "vulnerability_id": "VCID-1naj-ejg3-vucx", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-20445", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01999", "scoring_system": "epss", "scoring_elements": "0.83686", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01999", "scoring_system": "epss", "scoring_elements": "0.83585", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01999", "scoring_system": "epss", "scoring_elements": "0.83598", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01999", "scoring_system": "epss", "scoring_elements": "0.83612", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01999", "scoring_system": "epss", "scoring_elements": "0.83614", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01999", "scoring_system": "epss", "scoring_elements": "0.83638", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01999", "scoring_system": "epss", "scoring_elements": "0.83645", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01999", "scoring_system": "epss", "scoring_elements": "0.83662", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01999", "scoring_system": "epss", "scoring_elements": "0.83655", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01999", "scoring_system": "epss", "scoring_elements": "0.83651", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01999", "scoring_system": "epss", "scoring_elements": "0.83685", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-20445" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20445", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20445" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20446", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20446" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20453", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20453" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21688" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21697" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22016", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22016" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22027", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22027" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22028", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22028" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22029", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22029" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22030", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22030" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22031" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22032" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22037" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22054", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22054" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38171", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38171" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38291" }, { "reference_url": "https://security.archlinux.org/AVG-1989", "reference_id": "AVG-1989", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1989" }, { "reference_url": "https://usn.ubuntu.com/5472-1/", "reference_id": "USN-5472-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5472-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5167-1/", "reference_id": "USN-USN-5167-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5167-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582234?format=api", "purl": "pkg:deb/debian/ffmpeg@7:4.3.3-0%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.3-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582177?format=api", "purl": "pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2qje-t52h-fyfk" }, { "vulnerability": "VCID-mun9-fyvn-8kfs" }, { "vulnerability": "VCID-ujjc-ays1-gfc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585609?format=api", "purl": "pkg:deb/debian/ffmpeg@7:5.0.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.0.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582178?format=api", "purl": "pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2qje-t52h-fyfk" }, { "vulnerability": "VCID-352p-mxyy-k3bu" }, { "vulnerability": "VCID-e9kf-tzg8-9bht" }, { "vulnerability": "VCID-grh1-jxmf-dqdv" }, { "vulnerability": "VCID-mun9-fyvn-8kfs" }, { "vulnerability": "VCID-ns98-tu4j-sfd5" }, { "vulnerability": "VCID-uakc-kpg5-2ug5" }, { "vulnerability": "VCID-wrb6-w8ps-uuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582179?format=api", "purl": "pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2qje-t52h-fyfk" }, { "vulnerability": "VCID-352p-mxyy-k3bu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582180?format=api", "purl": "pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-20445" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1naj-ejg3-vucx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95888?format=api", "vulnerability_id": "VCID-7kmr-r2hd-dfap", "summary": "A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36362", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38748", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.3876", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38708", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38755", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38732", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.3877", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38699", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38749", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38772", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38735", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334335", "reference_id": "show_bug.cgi?id=2334335", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-31T14:59:14Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334335" }, { "reference_url": "https://usn.ubuntu.com/7830-1/", "reference_id": "USN-7830-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7830-1/" }, { "reference_url": "https://usn.ubuntu.com/7890-1/", "reference_id": "USN-7890-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7890-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582177?format=api", "purl": "pkg:deb/debian/ffmpeg@7:4.3.7-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2qje-t52h-fyfk" }, { "vulnerability": "VCID-mun9-fyvn-8kfs" }, { "vulnerability": "VCID-ujjc-ays1-gfc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.7-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582444?format=api", "purl": "pkg:deb/debian/ffmpeg@7:4.3.9-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:4.3.9-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/585609?format=api", "purl": "pkg:deb/debian/ffmpeg@7:5.0.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.0.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582178?format=api", "purl": "pkg:deb/debian/ffmpeg@7:5.1.8-0%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2qje-t52h-fyfk" }, { "vulnerability": "VCID-352p-mxyy-k3bu" }, { "vulnerability": "VCID-e9kf-tzg8-9bht" }, { "vulnerability": "VCID-grh1-jxmf-dqdv" }, { "vulnerability": "VCID-mun9-fyvn-8kfs" }, { "vulnerability": "VCID-ns98-tu4j-sfd5" }, { "vulnerability": "VCID-uakc-kpg5-2ug5" }, { "vulnerability": "VCID-wrb6-w8ps-uuge" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.1.8-0%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582179?format=api", "purl": "pkg:deb/debian/ffmpeg@7:7.1.3-0%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2qje-t52h-fyfk" }, { "vulnerability": "VCID-352p-mxyy-k3bu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:7.1.3-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582180?format=api", "purl": "pkg:deb/debian/ffmpeg@7:8.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:8.1-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-6603" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7kmr-r2hd-dfap" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/ffmpeg@7:5.0.1-2%3Fdistro=trixie" }