Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/91853?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/91853?format=api", "purl": "pkg:deb/debian/condor@23.2.0%2Bdfsg-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "condor", "version": "23.2.0+dfsg-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "23.9.6+dfsg-2", "latest_non_vulnerable_version": "25.10.1+dfsg-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65286?format=api", "vulnerability_id": "VCID-8xku-uyx1-eycb", "summary": "An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0. When a user authenticates to an HTCondor daemon via the CLAIMTOBE method, the user can then impersonate any entity when issuing additional commands to that daemon.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00447", "scoring_system": "epss", "scoring_elements": "0.63812", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00447", "scoring_system": "epss", "scoring_elements": "0.63854", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18823" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26110" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008634", "reference_id": "1008634", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008634" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/91853?format=api", "purl": "pkg:deb/debian/condor@23.2.0%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/condor@23.2.0%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/91845?format=api", "purl": "pkg:deb/debian/condor@23.9.6%2Bdfsg-2.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/condor@23.9.6%252Bdfsg-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/91843?format=api", "purl": "pkg:deb/debian/condor@25.10.1%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/condor@25.10.1%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-26110" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8xku-uyx1-eycb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65279?format=api", "vulnerability_id": "VCID-ckkz-17cn-57d7", "summary": "HTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect Access Control. It is possible to use a different authentication method to submit a job than the administrator has specified. If the administrator has configured the READ or WRITE methods to include CLAIMTOBE, then it is possible to impersonate another user to the condor_schedd. (For example to submit or remove jobs)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18823", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02816", "scoring_system": "epss", "scoring_elements": "0.86414", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02816", "scoring_system": "epss", "scoring_elements": "0.86436", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18823" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18823" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26110" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963777", "reference_id": "963777", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963777" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/91853?format=api", "purl": "pkg:deb/debian/condor@23.2.0%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/condor@23.2.0%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/91845?format=api", "purl": "pkg:deb/debian/condor@23.9.6%2Bdfsg-2.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/condor@23.9.6%252Bdfsg-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/91843?format=api", "purl": "pkg:deb/debian/condor@25.10.1%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/condor@25.10.1%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-18823" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ckkz-17cn-57d7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65282?format=api", "vulnerability_id": "VCID-h2cu-k9rj-7bgx", "summary": "An issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2. Using standard command-line tools, a user with only READ access to an HTCondor SchedD or Collector daemon can discover secrets that could allow them to control other users' jobs and/or read their data.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-45101", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58721", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58767", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-45101" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002540", "reference_id": "1002540", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002540" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/91853?format=api", "purl": "pkg:deb/debian/condor@23.2.0%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/condor@23.2.0%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/91845?format=api", "purl": "pkg:deb/debian/condor@23.9.6%2Bdfsg-2.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/condor@23.9.6%252Bdfsg-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/91843?format=api", "purl": "pkg:deb/debian/condor@25.10.1%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/condor@25.10.1%252Bdfsg-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-45101" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h2cu-k9rj-7bgx" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/condor@23.2.0%252Bdfsg-1%3Fdistro=trixie" }