Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/934273?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/934273?format=api", "purl": "pkg:deb/debian/otrs2@6.0.13-1?distro=bullseye", "type": "deb", "namespace": "debian", "name": "otrs2", "version": "6.0.13-1", "qualifiers": { "distro": "bullseye" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "6.0.14-1", "latest_non_vulnerable_version": "6.0.32-6", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93632?format=api", "vulnerability_id": "VCID-ew2x-9cat-v3h1", "summary": "Open Ticket Request System (OTRS) 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19142", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52702", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52743", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52769", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52736", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52786", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52781", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52831", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52798", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52836", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52842", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52826", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19142" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19142", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19142" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934273?format=api", "purl": "pkg:deb/debian/otrs2@6.0.13-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.13-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/934233?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye" } ], "aliases": [ "CVE-2018-19142" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ew2x-9cat-v3h1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93633?format=api", "vulnerability_id": "VCID-qu28-hr3t-kkca", "summary": "Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19143", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31821", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3195", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31992", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31811", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31864", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31892", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31896", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31856", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31853", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31834", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31806", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19143" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19143" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934273?format=api", "purl": "pkg:deb/debian/otrs2@6.0.13-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.13-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/934233?format=api", "purl": "pkg:deb/debian/otrs2@6.0.32-6?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.32-6%3Fdistro=bullseye" } ], "aliases": [ "CVE-2018-19143" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qu28-hr3t-kkca" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/otrs2@6.0.13-1%3Fdistro=bullseye" }