VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/929212?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/929212?format=api",
    "purl": "pkg:deb/debian/libxml2@2.7.8.dfsg-5?distro=trixie",
    "type": "deb",
    "namespace": "debian",
    "name": "libxml2",
    "version": "2.7.8.dfsg-5",
    "qualifiers": {
        "distro": "trixie"
    },
    "subpath": "",
    "is_vulnerable": false,
    "next_non_vulnerable_version": "2.7.8.dfsg-5.1",
    "latest_non_vulnerable_version": "2.15.2+dfsg-0.1",
    "affected_by_vulnerabilities": [],
    "fixing_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48611?format=api",
            "vulnerability_id": "VCID-8pmj-m5vu-4uc2",
            "summary": "Multiple vulnerabilities were found in libxml2 which could lead to\n    execution of arbitrary code or a Denial of Service.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2821.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2821.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2821",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.01915",
                            "scoring_system": "epss",
                            "scoring_elements": "0.83241",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.01915",
                            "scoring_system": "epss",
                            "scoring_elements": "0.83257",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.01915",
                            "scoring_system": "epss",
                            "scoring_elements": "0.83272",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.01915",
                            "scoring_system": "epss",
                            "scoring_elements": "0.83271",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.01915",
                            "scoring_system": "epss",
                            "scoring_elements": "0.83295",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.01915",
                            "scoring_system": "epss",
                            "scoring_elements": "0.83304",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.01915",
                            "scoring_system": "epss",
                            "scoring_elements": "0.83319",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.01915",
                            "scoring_system": "epss",
                            "scoring_elements": "0.83313",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.01915",
                            "scoring_system": "epss",
                            "scoring_elements": "0.83309",
                            "published_at": "2026-04-13T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2821"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643648",
                    "reference_id": "643648",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643648"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=735712",
                    "reference_id": "735712",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=735712"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201110-26",
                    "reference_id": "GLSA-201110-26",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201110-26"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2011:1749",
                    "reference_id": "RHSA-2011:1749",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2011:1749"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217",
                    "reference_id": "RHSA-2013:0217",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2013:0217"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/1334-1/",
                    "reference_id": "USN-1334-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/1334-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/929212?format=api",
                    "purl": "pkg:deb/debian/libxml2@2.7.8.dfsg-5?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-5%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/929198?format=api",
                    "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-62bb-e8vk-7uh4"
                        },
                        {
                            "vulnerability": "VCID-d1ar-1945-sygd"
                        },
                        {
                            "vulnerability": "VCID-knx8-5fpz-zbgn"
                        },
                        {
                            "vulnerability": "VCID-nj3a-zqw9-6bga"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/929196?format=api",
                    "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-62bb-e8vk-7uh4"
                        },
                        {
                            "vulnerability": "VCID-d1ar-1945-sygd"
                        },
                        {
                            "vulnerability": "VCID-knx8-5fpz-zbgn"
                        },
                        {
                            "vulnerability": "VCID-nj3a-zqw9-6bga"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/929200?format=api",
                    "purl": "pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-62bb-e8vk-7uh4"
                        },
                        {
                            "vulnerability": "VCID-d1ar-1945-sygd"
                        },
                        {
                            "vulnerability": "VCID-knx8-5fpz-zbgn"
                        },
                        {
                            "vulnerability": "VCID-nj3a-zqw9-6bga"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/929199?format=api",
                    "purl": "pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie"
                }
            ],
            "aliases": [
                "CVE-2011-2821"
            ],
            "risk_score": null,
            "exploitability": "0.5",
            "weighted_severity": "0.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8pmj-m5vu-4uc2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40399?format=api",
            "vulnerability_id": "VCID-js7v-8a5j-h7ba",
            "summary": "Multiple vulnerabilities have been reported in Chromium and V8,\n    some of which may allow execution of arbitrary code and local root\n    privilege escalation.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2834.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2834.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2834",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.029",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86288",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.029",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86298",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.029",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86316",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.029",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86317",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.029",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86335",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.029",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86345",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.029",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86359",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.029",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86357",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.029",
                            "scoring_system": "epss",
                            "scoring_elements": "0.86352",
                            "published_at": "2026-04-13T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2834"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643648",
                    "reference_id": "643648",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643648"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=735751",
                    "reference_id": "735751",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=735751"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201110-26",
                    "reference_id": "GLSA-201110-26",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201110-26"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201111-01",
                    "reference_id": "GLSA-201111-01",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201111-01"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2011:1749",
                    "reference_id": "RHSA-2011:1749",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2011:1749"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2012:0016",
                    "reference_id": "RHSA-2012:0016",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2012:0016"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2012:0017",
                    "reference_id": "RHSA-2012:0017",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2012:0017"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217",
                    "reference_id": "RHSA-2013:0217",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2013:0217"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/1334-1/",
                    "reference_id": "USN-1334-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/1334-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/929212?format=api",
                    "purl": "pkg:deb/debian/libxml2@2.7.8.dfsg-5?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-5%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/929198?format=api",
                    "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-62bb-e8vk-7uh4"
                        },
                        {
                            "vulnerability": "VCID-d1ar-1945-sygd"
                        },
                        {
                            "vulnerability": "VCID-knx8-5fpz-zbgn"
                        },
                        {
                            "vulnerability": "VCID-nj3a-zqw9-6bga"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/929196?format=api",
                    "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-62bb-e8vk-7uh4"
                        },
                        {
                            "vulnerability": "VCID-d1ar-1945-sygd"
                        },
                        {
                            "vulnerability": "VCID-knx8-5fpz-zbgn"
                        },
                        {
                            "vulnerability": "VCID-nj3a-zqw9-6bga"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/929200?format=api",
                    "purl": "pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-62bb-e8vk-7uh4"
                        },
                        {
                            "vulnerability": "VCID-d1ar-1945-sygd"
                        },
                        {
                            "vulnerability": "VCID-knx8-5fpz-zbgn"
                        },
                        {
                            "vulnerability": "VCID-nj3a-zqw9-6bga"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/929199?format=api",
                    "purl": "pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie"
                }
            ],
            "aliases": [
                "CVE-2011-2834"
            ],
            "risk_score": null,
            "exploitability": "0.5",
            "weighted_severity": "0.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-js7v-8a5j-h7ba"
        }
    ],
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-5%3Fdistro=trixie"
}

Package Instance