Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/935745?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/935745?format=api", "purl": "pkg:deb/debian/pound@2.6-3?distro=trixie", "type": "deb", "namespace": "debian", "name": "pound", "version": "2.6-3", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.6-6", "latest_non_vulnerable_version": "4.22-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54339?format=api", "vulnerability_id": "VCID-4mqa-bkha-kbaj", "summary": "security update", "references": [ { "reference_url": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://arstechnica.com/security/2012/09/crime-hijacks-https-sessions/" }, { "reference_url": "http://code.google.com/p/chromium/issues/detail?id=139744", "reference_id": "", "reference_type": "", "scores": [], "url": "http://code.google.com/p/chromium/issues/detail?id=139744" }, { "reference_url": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://isecpartners.com/blog/2012/9/14/details-on-the-crime-attack.html" }, { "reference_url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000129.html" }, { "reference_url": "http://jvn.jp/en/jp/JVN65273415/index.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://jvn.jp/en/jp/JVN65273415/index.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00034.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00048.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2" }, { "reference_url": "http://news.ycombinator.com/item?id=4510829", "reference_id": "", "reference_type": "", "scores": [], "url": "http://news.ycombinator.com/item?id=4510829" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0587.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13867", "scoring_system": "epss", "scoring_elements": "0.94313", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.13867", "scoring_system": "epss", "scoring_elements": "0.94297", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.13867", "scoring_system": "epss", "scoring_elements": "0.94298", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94601", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94585", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94615", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94611", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94592", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.15291", "scoring_system": "epss", "scoring_elements": "0.94599", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4929" }, { "reference_url": "https://chromiumcodereview.appspot.com/10825183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://chromiumcodereview.appspot.com/10825183" }, { "reference_url": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls", "reference_id": "", "reference_type": "", "scores": [], "url": "https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566" }, { "reference_url": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor" }, { "reference_url": "https://gist.github.com/3696912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gist.github.com/3696912" }, { "reference_url": "https://github.com/mpgn/CRIME-poc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/mpgn/CRIME-poc" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18920" }, { "reference_url": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://threatpost.com/en_us/blogs/demo-crime-tls-attack-091212" }, { "reference_url": "http://support.apple.com/kb/HT5784", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT5784" }, { "reference_url": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312", "reference_id": "", "reference_type": "", "scores": [], "url": "http://threatpost.com/en_us/blogs/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312" }, { "reference_url": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512", "reference_id": "", "reference_type": "", "scores": [], "url": "http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512" }, { "reference_url": "http://www.debian.org/security/2012/dsa-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2012/dsa-2579" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2627", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2013/dsa-2627" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3253", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3253" }, { "reference_url": "http://www.ekoparty.org/2012/thai-duong.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ekoparty.org/2012/thai-duong.php" }, { "reference_url": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.iacr.org/cryptodb/data/paper.php?pubkey=3091" }, { "reference_url": "http://www.securityfocus.com/bid/55704", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/55704" }, { "reference_url": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.theregister.co.uk/2012/09/14/crime_tls_attack/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1627-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1627-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1628-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1628-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1898-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1898-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936", "reference_id": "689936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399", "reference_id": "700399", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700399" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426", "reference_id": "700426", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197", "reference_id": "727197", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055", "reference_id": "728055", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728055" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051", "reference_id": "857051", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929", "reference_id": "CVE-2012-4929", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929" }, { "reference_url": "https://security.gentoo.org/glsa/201309-12", "reference_id": "GLSA-201309-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0587", "reference_id": "RHSA-2013:0587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0636", "reference_id": "RHSA-2013:0636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0416", "reference_id": "RHSA-2014:0416", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0416" }, { "reference_url": "https://usn.ubuntu.com/1627-1/", "reference_id": "USN-1627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1627-1/" }, { "reference_url": "https://usn.ubuntu.com/1628-1/", "reference_id": "USN-1628-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1628-1/" }, { "reference_url": "https://usn.ubuntu.com/1898-1/", "reference_id": "USN-1898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1898-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/935745?format=api", "purl": "pkg:deb/debian/pound@2.6-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pound@2.6-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935737?format=api", "purl": "pkg:deb/debian/pound@3.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pound@3.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935740?format=api", "purl": "pkg:deb/debian/pound@4.16-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pound@4.16-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/935739?format=api", "purl": "pkg:deb/debian/pound@4.17-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pound@4.17-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059648?format=api", "purl": "pkg:deb/debian/pound@4.22-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pound@4.22-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-4929" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4mqa-bkha-kbaj" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pound@2.6-3%3Fdistro=trixie" }