Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/62342?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/62342?format=api", "purl": "pkg:maven/io.netty/netty@3.7", "type": "maven", "namespace": "io.netty", "name": "netty", "version": "3.7", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43474?format=api", "vulnerability_id": "VCID-7w4j-8pv9-zbce", "summary": "Netty denial of service vulnerability\nWebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames.", "references": [ { "reference_url": "http://netty.io/news/2014/04/30/release-day.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://netty.io/news/2014/04/30/release-day.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1351.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-1351.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0193.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0193.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0193", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04075", "scoring_system": "epss", "scoring_elements": "0.88767", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.04075", "scoring_system": "epss", "scoring_elements": "0.88749", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0193" }, { "reference_url": "https://github.com/netty/netty", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty" }, { "reference_url": "https://github.com/netty/netty/commit/8599ab5bdb761bb99d41a975d689f74c12e4892b", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/commit/8599ab5bdb761bb99d41a975d689f74c12e4892b" }, { "reference_url": "https://github.com/netty/netty/issues/2441", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/netty/netty/issues/2441" }, { "reference_url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html" }, { "reference_url": "https://web.archive.org/web/20140509033427/http://www.securityfocus.com/bid/67182", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20140509033427/http://www.securityfocus.com/bid/67182" }, { "reference_url": "https://web.archive.org/web/20140509044857/http://secunia.com/advisories/58280", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20140509044857/http://secunia.com/advisories/58280" }, { "reference_url": "https://web.archive.org/web/20161119201425/http://secunia.com/advisories/59290", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20161119201425/http://secunia.com/advisories/59290" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1092783", "reference_id": "1092783", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1092783" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0193", "reference_id": "CVE-2014-0193", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0193" }, { "reference_url": "https://github.com/advisories/GHSA-7vpq-g998-qpv7", "reference_id": "GHSA-7vpq-g998-qpv7", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-7vpq-g998-qpv7" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0818", "reference_id": "RHSA-2014:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0910", "reference_id": "RHSA-2014:0910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1019", "reference_id": "RHSA-2014:1019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1020", "reference_id": "RHSA-2014:1020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1021", "reference_id": "RHSA-2014:1021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1351", "reference_id": "RHSA-2014:1351", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0234", "reference_id": "RHSA-2015:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0235", "reference_id": "RHSA-2015:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0675", "reference_id": "RHSA-2015:0675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0675" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0720", "reference_id": "RHSA-2015:0720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0765", "reference_id": "RHSA-2015:0765", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0765" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1009", "reference_id": "RHSA-2015:1009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1009" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/62347?format=api", "purl": "pkg:maven/io.netty/netty@3.7.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty@3.7.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/154670?format=api", "purl": "pkg:maven/io.netty/netty@3.7.1.Final", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2v1s-fd7a-57fa" }, { "vulnerability": "VCID-bchk-2x6c-qyhm" }, { "vulnerability": "VCID-h98v-8fr5-e7a7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty@3.7.1.Final" }, { "url": "http://public2.vulnerablecode.io/api/packages/62348?format=api", "purl": "pkg:maven/io.netty/netty@3.8.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty@3.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/154673?format=api", "purl": "pkg:maven/io.netty/netty@3.8.2.Final", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2v1s-fd7a-57fa" }, { "vulnerability": "VCID-bchk-2x6c-qyhm" }, { "vulnerability": "VCID-h98v-8fr5-e7a7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty@3.8.2.Final" }, { "url": "http://public2.vulnerablecode.io/api/packages/62349?format=api", "purl": "pkg:maven/io.netty/netty@3.9.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty@3.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/51936?format=api", "purl": "pkg:maven/io.netty/netty@3.9.1.Final", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-22gb-pbnp-97gw" }, { "vulnerability": "VCID-2v1s-fd7a-57fa" }, { "vulnerability": "VCID-bchk-2x6c-qyhm" }, { "vulnerability": "VCID-h98v-8fr5-e7a7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty@3.9.1.Final" }, { "url": "http://public2.vulnerablecode.io/api/packages/62350?format=api", "purl": "pkg:maven/io.netty/netty@4.0.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty@4.0.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/154676?format=api", "purl": "pkg:maven/io.netty/netty@4.0.19.Final", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty@4.0.19.Final" } ], "aliases": [ "CVE-2014-0193", "GHSA-7vpq-g998-qpv7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7w4j-8pv9-zbce" } ], "fixing_vulnerabilities": [], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty@3.7" }