Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/936065?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/936065?format=api", "purl": "pkg:deb/debian/putty@0.81-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "putty", "version": "0.81-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "0.83-3", "latest_non_vulnerable_version": "0.83-3", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50594?format=api", "vulnerability_id": "VCID-24cg-zw49-b3ab", "summary": "Multiple vulnerabilities have been discovered in PuTTY, the worst of which could lead to compromised keys.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31497", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.9536", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.95376", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.95353", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.95356", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.95374", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.9537", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.95363", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.95361", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.19629", "scoring_system": "epss", "scoring_elements": "0.95403", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.19629", "scoring_system": "epss", "scoring_elements": "0.95393", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.19629", "scoring_system": "epss", "scoring_elements": "0.95399", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31497" }, { "reference_url": "https://twitter.com/lambdafu/status/1779969509522133272", "reference_id": "1779969509522133272", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://twitter.com/lambdafu/status/1779969509522133272" }, { "reference_url": "https://twitter.com/CCBalert/status/1780229237569470549", "reference_id": "1780229237569470549", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://twitter.com/CCBalert/status/1780229237569470549" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2024/04/15/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/15/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/15/6" }, { "reference_url": "https://github.com/daedalus/BreakingECDSAwithLLL", "reference_id": "BreakingECDSAwithLLL", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://github.com/daedalus/BreakingECDSAwithLLL" }, { "reference_url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward", "reference_id": "Chapter9.html#pageant-forward", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2024-31497", "reference_id": "CVE-2024-31497", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497" }, { "reference_url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/", "reference_id": "cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/" }, { "reference_url": "https://github.com/advisories/GHSA-6p4c-r453-8743", "reference_id": "GHSA-6p4c-r453-8743", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://github.com/advisories/GHSA-6p4c-r453-8743" }, { "reference_url": "https://security.gentoo.org/glsa/202407-11", "reference_id": "GLSA-202407-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-11" }, { "reference_url": "https://news.ycombinator.com/item?id=40044665", "reference_id": "item?id=40044665", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://news.ycombinator.com/item?id=40044665" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/", "reference_id": "IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/" }, { "reference_url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty", "reference_id": "key-generation-and-agent-forwarding-with-putty", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/", "reference_id": "MMHILY2K7HQGQRHOC375KRRG2M6625RD", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html", "reference_id": "msg00014.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html" }, { "reference_url": "https://winscp.net/eng/news.php", "reference_id": "news.php", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://winscp.net/eng/news.php" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/", "reference_id": "PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/" }, { "reference_url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git", "reference_id": "putty.git", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git" }, { "reference_url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/", "reference_id": "putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/" }, { "reference_url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/", "reference_id": "putty_vulnerability_affecting_v068_to_v08", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864", "reference_id": "show_bug.cgi?id=1222864", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183", "reference_id": "show_bug.cgi?id=2275183", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183" }, { "reference_url": "https://tortoisegit.org", "reference_id": "tortoisegit.org", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://tortoisegit.org" }, { "reference_url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html", "reference_id": "vuln-p521-bias.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/", "reference_id": "WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/", "reference_id": "WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936045?format=api", "purl": "pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936043?format=api", "purl": "pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936065?format=api", "purl": "pkg:deb/debian/putty@0.81-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.81-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936046?format=api", "purl": "pkg:deb/debian/putty@0.83-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-31497" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-24cg-zw49-b3ab" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.81-1%3Fdistro=trixie" }