Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/67541?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/67541?format=api", "purl": "pkg:maven/org.apache.activemq/activemq-openwire-legacy@5.17.6", "type": "maven", "namespace": "org.apache.activemq", "name": "activemq-openwire-legacy", "version": "5.17.6", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "5.18.3", "latest_non_vulnerable_version": "5.18.3", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46300?format=api", "vulnerability_id": "VCID-jr78-93dc-6ud9", "summary": "False positive\nThis advisory has been marked as a false positive.", "references": [ { "reference_url": "https://github.com/apache/activemq", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/activemq" }, { "reference_url": "https://github.com/apache/activemq/commit/22442b2385b1000312aec3d19e510131d595a5fc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/activemq/commit/22442b2385b1000312aec3d19e510131d595a5fc" }, { "reference_url": "https://github.com/apache/activemq/commit/80089f9f476afab7d976f5fc37c5ab4aa0c2139d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/activemq/commit/80089f9f476afab7d976f5fc37c5ab4aa0c2139d" }, { "reference_url": "https://github.com/apache/activemq/commit/958330df26cf3d5cdb63905dc2c6882e98781d8f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/activemq/commit/958330df26cf3d5cdb63905dc2c6882e98781d8f" }, { "reference_url": "https://github.com/apache/activemq/commit/9905e2a5bf9862a049f94ce0a2465b0c7ad52436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/activemq/commit/9905e2a5bf9862a049f94ce0a2465b0c7ad52436" }, { "reference_url": "https://github.com/apache/activemq/commit/d0ccdd31544ada83185554c87c7aa141064020f0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/activemq/commit/d0ccdd31544ada83185554c87c7aa141064020f0" }, { "reference_url": "https://github.com/apache/activemq/pull/1098", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/apache/activemq/pull/1098" }, { "reference_url": "https://issues.apache.org/jira/browse/AMQ-9370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.apache.org/jira/browse/AMQ-9370" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html" }, { "reference_url": "https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231110-0010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20231110-0010" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46604" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2023/10/27/5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openwall.com/lists/oss-security/2023/10/27/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/27/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2023/10/27/5" }, { "reference_url": "https://activemq.apache.org/security-advisories.data/CVE-2023-46604", "reference_id": "CVE-2023-46604", "reference_type": "", "scores": [], "url": "https://activemq.apache.org/security-advisories.data/CVE-2023-46604" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46604", "reference_id": "CVE-2023-46604", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46604" }, { "reference_url": "https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt", "reference_id": "CVE-2023-46604-ANNOUNCEMENT.TXT", "reference_type": "", "scores": [], "url": "https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt" }, { "reference_url": "https://github.com/advisories/GHSA-crg9-44h2-xw35", "reference_id": "GHSA-crg9-44h2-xw35", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-crg9-44h2-xw35" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/67539?format=api", "purl": "pkg:maven/org.apache.activemq/activemq-openwire-legacy@5.15.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-openwire-legacy@5.15.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/67540?format=api", "purl": "pkg:maven/org.apache.activemq/activemq-openwire-legacy@5.16.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-openwire-legacy@5.16.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/67541?format=api", "purl": "pkg:maven/org.apache.activemq/activemq-openwire-legacy@5.17.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-openwire-legacy@5.17.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/67542?format=api", "purl": "pkg:maven/org.apache.activemq/activemq-openwire-legacy@5.18.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-openwire-legacy@5.18.3" } ], "aliases": [ "CVE-2023-46604", "GHSA-crg9-44h2-xw35" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jr78-93dc-6ud9" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-openwire-legacy@5.17.6" }