Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/69841?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/69841?format=api", "purl": "pkg:pypi/motioneye@0.40rc2", "type": "pypi", "namespace": "", "name": "motioneye", "version": "0.40rc2", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "0.43.1b5", "latest_non_vulnerable_version": "0.43.1b5", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/208588?format=api", "vulnerability_id": "VCID-19se-6amw-xbhq", "summary": "MotionEye allows attackers to access sensitive information", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-25568", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.8531", "scoring_system": "epss", "scoring_elements": "0.99384", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.8531", "scoring_system": "epss", "scoring_elements": "0.99381", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-25568" }, { "reference_url": "https://github.com/ccrisan/motioneye/issues/2292", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ccrisan/motioneye/issues/2292" }, { "reference_url": "https://github.com/motioneye-project/motioneye", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/motioneye-project/motioneye" }, { "reference_url": "https://github.com/motioneye-project/motioneye/commit/c60b64af5bb8c09189071522a1f6796cb44340b0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/motioneye-project/motioneye/commit/c60b64af5bb8c09189071522a1f6796cb44340b0" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/motioneye/PYSEC-2022-43141.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/motioneye/PYSEC-2022-43141.yaml" }, { "reference_url": "https://www.pizzapower.me/2022/02/17/motioneye-config-info-disclosure", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.pizzapower.me/2022/02/17/motioneye-config-info-disclosure" }, { "reference_url": "https://www.pizzapower.me/2022/02/17/motioneye-config-info-disclosure/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://www.pizzapower.me/2022/02/17/motioneye-config-info-disclosure/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25568", "reference_id": "CVE-2022-25568", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25568" }, { "reference_url": "https://github.com/advisories/GHSA-2c7w-v459-cwgf", "reference_id": "GHSA-2c7w-v459-cwgf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2c7w-v459-cwgf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/19838?format=api", "purl": "pkg:pypi/motioneye@0.43.1b1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2z93-3ahx-hfae" }, { "vulnerability": "VCID-61vg-qm9f-gbhp" }, { "vulnerability": "VCID-ntf9-j7zg-zqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/motioneye@0.43.1b1" } ], "aliases": [ "CVE-2022-25568", "GHSA-2c7w-v459-cwgf", "PYSEC-2022-43141" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-19se-6amw-xbhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212279?format=api", "vulnerability_id": "VCID-61vg-qm9f-gbhp", "summary": "Duplicate Advisory: motionEye vulnerable to RCE via unsanitized motion config parameter", "references": [ { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60787", "reference_id": "CVE-2025-60787", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60787" }, { "reference_url": "https://github.com/advisories/GHSA-26f6-wm47-7h7j", "reference_id": "GHSA-26f6-wm47-7h7j", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-26f6-wm47-7h7j" } ], "fixed_packages": [], "aliases": [ "GHSA-26f6-wm47-7h7j" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-61vg-qm9f-gbhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/207623?format=api", "vulnerability_id": "VCID-akjw-q2d4-d7ac", "summary": "Unrestricted Upload of File with Dangerous Type in motionEye", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44255", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13636", "scoring_system": "epss", "scoring_elements": "0.94431", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.13636", "scoring_system": "epss", "scoring_elements": "0.94411", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44255" }, { "reference_url": "https://github.com/ccrisan/motioneye", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ccrisan/motioneye" }, { "reference_url": "https://github.com/ccrisan/motioneyeos/issues/2843", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ccrisan/motioneyeos/issues/2843" }, { "reference_url": "https://www.pizzapower.me/2021/10/09/self-hosted-security-part-1-motioneye", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.pizzapower.me/2021/10/09/self-hosted-security-part-1-motioneye" }, { "reference_url": "https://www.pizzapower.me/2021/10/09/self-hosted-security-part-1-motioneye/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.pizzapower.me/2021/10/09/self-hosted-security-part-1-motioneye/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44255", "reference_id": "CVE-2021-44255", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44255" }, { "reference_url": "https://github.com/advisories/GHSA-m2c7-42rf-c62f", "reference_id": "GHSA-m2c7-42rf-c62f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-m2c7-42rf-c62f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18888?format=api", "purl": "pkg:pypi/motioneye@0.42.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-19se-6amw-xbhq" }, { "vulnerability": "VCID-61vg-qm9f-gbhp" }, { "vulnerability": "VCID-akjw-q2d4-d7ac" }, { "vulnerability": "VCID-ntf9-j7zg-zqes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/motioneye@0.42.1" } ], "aliases": [ "CVE-2021-44255", "GHSA-m2c7-42rf-c62f" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-akjw-q2d4-d7ac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97014?format=api", "vulnerability_id": "VCID-ntf9-j7zg-zqes", "summary": "MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name. Unsanitized user input is written to Motion configuration files, allowing remote authenticated attackers with admin access to achieve code execution when Motion is restarted.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-60787", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.57917", "scoring_system": "epss", "scoring_elements": "0.98223", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.57917", "scoring_system": "epss", "scoring_elements": "0.98217", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-60787" }, { "reference_url": "https://github.com/motioneye-project/motioneye", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/motioneye-project/motioneye" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52481.txt", "reference_id": "CVE-2025-60787", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52481.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60787", "reference_id": "CVE-2025-60787", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60787" }, { "reference_url": "https://github.com/advisories/GHSA-j945-qm58-4gjx", "reference_id": "GHSA-j945-qm58-4gjx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j945-qm58-4gjx" }, { "reference_url": "https://github.com/motioneye-project/motioneye/security/advisories/GHSA-j945-qm58-4gjx", "reference_id": "GHSA-j945-qm58-4gjx", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/motioneye-project/motioneye/security/advisories/GHSA-j945-qm58-4gjx" }, { "reference_url": "http://motioneye-project.com", "reference_id": "motioneye-project.com", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-03T14:57:27Z/" } ], "url": "http://motioneye-project.com" }, { "reference_url": "https://github.com/prabhatverma47/motionEye-RCE-through-config-parameter", "reference_id": "motionEye-RCE-through-config-parameter", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-03T14:57:27Z/" } ], "url": "https://github.com/prabhatverma47/motionEye-RCE-through-config-parameter" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/34989?format=api", "purl": "pkg:pypi/motioneye@0.43.1b5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/motioneye@0.43.1b5" } ], "aliases": [ "CVE-2025-60787", "GHSA-j945-qm58-4gjx" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ntf9-j7zg-zqes" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/motioneye@0.40rc2" }