Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/943248?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/943248?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.11-6.1?distro=trixie", "type": "deb", "namespace": "debian", "name": "xdm", "version": "1:1.1.11-6.1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1:1.1.17-2", "latest_non_vulnerable_version": "1:1.1.17-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49831?format=api", "vulnerability_id": "VCID-6cns-hbja-1bab", "summary": "X.org, libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm are vulnerable\n to local privilege escalations because of unchecked setuid() calls.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4447.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4447.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38864", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38996", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39016", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38947", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39014", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39027", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38991", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38964", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.39011", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4447" }, { "reference_url": "https://security.gentoo.org/glsa/200608-25", "reference_id": "GLSA-200608-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200608-25" }, { "reference_url": "https://security.gentoo.org/glsa/200704-22", "reference_id": "GLSA-200704-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200704-22" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943249?format=api", "purl": "pkg:deb/debian/xdm@1:1.0.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.0.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943245?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.11-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.11-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943248?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.11-6.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.11-6.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943247?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.17-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.17-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-4447" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6cns-hbja-1bab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86650?format=api", "vulnerability_id": "VCID-fv9m-b3zb-uuem", "summary": "xorg-x11-xdm: NULL pointer dereference (DoS) when verifying user credentials in FIPS-140 mode or using glibc >= 2.17", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2179.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2179.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2179", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00758", "scoring_system": "epss", "scoring_elements": "0.73243", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00758", "scoring_system": "epss", "scoring_elements": "0.73253", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00758", "scoring_system": "epss", "scoring_elements": "0.73275", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00758", "scoring_system": "epss", "scoring_elements": "0.73248", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00758", "scoring_system": "epss", "scoring_elements": "0.73284", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00758", "scoring_system": "epss", "scoring_elements": "0.73297", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00758", "scoring_system": "epss", "scoring_elements": "0.73322", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00758", "scoring_system": "epss", "scoring_elements": "0.73302", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00758", "scoring_system": "epss", "scoring_elements": "0.73294", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00758", "scoring_system": "epss", "scoring_elements": "0.73337", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2179" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=973695", "reference_id": "973695", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=973695" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943246?format=api", "purl": "pkg:deb/debian/xdm@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943245?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.11-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.11-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943248?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.11-6.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.11-6.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943247?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.17-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.17-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-2179" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fv9m-b3zb-uuem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88911?format=api", "vulnerability_id": "VCID-kprv-r1fp-13ds", "summary": "xdm symlink attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5215.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5215.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-5215", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23389", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.2355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23587", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23368", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23441", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23491", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23508", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.2347", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23415", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23433", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-5215" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5215", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5215" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=230008", "reference_id": "230008", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=230008" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943249?format=api", "purl": "pkg:deb/debian/xdm@1:1.0.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.0.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943245?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.11-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.11-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943248?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.11-6.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.11-6.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943247?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.17-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.17-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-5215" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kprv-r1fp-13ds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89491?format=api", "vulnerability_id": "VCID-n5yn-gtrk-kyfu", "summary": "security flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0419.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0419.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02796", "scoring_system": "epss", "scoring_elements": "0.86036", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02796", "scoring_system": "epss", "scoring_elements": "0.86047", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02796", "scoring_system": "epss", "scoring_elements": "0.86063", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02796", "scoring_system": "epss", "scoring_elements": "0.86083", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02796", "scoring_system": "epss", "scoring_elements": "0.86093", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02796", "scoring_system": "epss", "scoring_elements": "0.86108", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02796", "scoring_system": "epss", "scoring_elements": "0.86105", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02796", "scoring_system": "epss", "scoring_elements": "0.861", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02796", "scoring_system": "epss", "scoring_elements": "0.86118", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0419" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617203", "reference_id": "1617203", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:478", "reference_id": "RHSA-2004:478", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943246?format=api", "purl": "pkg:deb/debian/xdm@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943245?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.11-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.11-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943248?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.11-6.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.11-6.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943247?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.17-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.17-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-0419" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n5yn-gtrk-kyfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88910?format=api", "vulnerability_id": "VCID-nr1t-bujr-x7cc", "summary": "xdm race", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5214.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5214.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-5214", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23829", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23953", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23993", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23781", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23852", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23899", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23915", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23871", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23814", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23826", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-5214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5214" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=230007", "reference_id": "230007", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=230007" }, { "reference_url": "https://usn.ubuntu.com/364-1/", "reference_id": "USN-364-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/364-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943249?format=api", "purl": "pkg:deb/debian/xdm@1:1.0.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.0.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943245?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.11-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.11-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943248?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.11-6.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.11-6.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943247?format=api", "purl": "pkg:deb/debian/xdm@1:1.1.17-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.17-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-5214" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nr1t-bujr-x7cc" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xdm@1:1.1.11-6.1%3Fdistro=trixie" }