VulnerableCode.io REST API

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/106104?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106104?format=api",
    "vulnerability_id": "VCID-scrz-m4nx-mkcr",
    "summary": "The physdev_get_free_pirq hypercall in arch/x86/physdev.c in Xen 4.1.x and Citrix XenServer 6.0.2 and earlier uses the return value of the get_free_pirq function as an array index without checking that the return value indicates an error, which allows guest OS users to cause a denial of service (invalid memory write and host crash) and possibly gain privileges via unspecified vectors.",
    "aliases": [
        {
            "alias": "CVE-2012-3495"
        }
    ],
    "fixed_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/135926?format=api",
            "purl": "pkg:deb/debian/xen@4.1.3-2?distro=trixie",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.1.3-2%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/135902?format=api",
            "purl": "pkg:deb/debian/xen@4.14.6-1?distro=trixie",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-27xc-hy1s-n7bf"
                },
                {
                    "vulnerability": "VCID-2qbn-f381-abhx"
                },
                {
                    "vulnerability": "VCID-2wu6-2tup-2ub2"
                },
                {
                    "vulnerability": "VCID-339r-nmjn-gfa2"
                },
                {
                    "vulnerability": "VCID-3nb3-3wud-jfhv"
                },
                {
                    "vulnerability": "VCID-5qmr-dc83-fqb1"
                },
                {
                    "vulnerability": "VCID-6uvb-67h4-1fgy"
                },
                {
                    "vulnerability": "VCID-7yrz-z3a2-vkgg"
                },
                {
                    "vulnerability": "VCID-8gj8-dga7-gkht"
                },
                {
                    "vulnerability": "VCID-8r4d-1tcs-13gd"
                },
                {
                    "vulnerability": "VCID-9g21-rc3r-5uer"
                },
                {
                    "vulnerability": "VCID-c58r-gesb-f7hq"
                },
                {
                    "vulnerability": "VCID-cgzn-pdre-1bec"
                },
                {
                    "vulnerability": "VCID-cvj7-478z-x3b1"
                },
                {
                    "vulnerability": "VCID-dke6-vwb6-fuf4"
                },
                {
                    "vulnerability": "VCID-dwq4-9tk2-8yfp"
                },
                {
                    "vulnerability": "VCID-f7v4-85sw-1keq"
                },
                {
                    "vulnerability": "VCID-fwx8-9f5e-v7hw"
                },
                {
                    "vulnerability": "VCID-jcpf-68kx-67fr"
                },
                {
                    "vulnerability": "VCID-jm1q-fxpu-qbg3"
                },
                {
                    "vulnerability": "VCID-k3xq-ruut-3yhw"
                },
                {
                    "vulnerability": "VCID-k5qj-xcvq-5ke1"
                },
                {
                    "vulnerability": "VCID-k6gh-hx5m-wba2"
                },
                {
                    "vulnerability": "VCID-kcwp-bu7h-6kds"
                },
                {
                    "vulnerability": "VCID-kpyj-6qpe-pbep"
                },
                {
                    "vulnerability": "VCID-ma7k-xrxw-vubd"
                },
                {
                    "vulnerability": "VCID-ma9d-b2uy-jkft"
                },
                {
                    "vulnerability": "VCID-mvnt-qc9z-jygu"
                },
                {
                    "vulnerability": "VCID-navq-t6wp-xqaf"
                },
                {
                    "vulnerability": "VCID-rm4s-2uwv-tkac"
                },
                {
                    "vulnerability": "VCID-rw5e-3s13-hycn"
                },
                {
                    "vulnerability": "VCID-su6k-nv2m-yqac"
                },
                {
                    "vulnerability": "VCID-swjx-x5hb-n3c2"
                },
                {
                    "vulnerability": "VCID-sx9z-gbkd-8fgv"
                },
                {
                    "vulnerability": "VCID-t5nz-98gp-7fa1"
                },
                {
                    "vulnerability": "VCID-t63z-5wwn-1bh9"
                },
                {
                    "vulnerability": "VCID-t9tt-yd4b-r3cy"
                },
                {
                    "vulnerability": "VCID-u4yc-hhne-2kaz"
                },
                {
                    "vulnerability": "VCID-vj8v-zms6-gug9"
                },
                {
                    "vulnerability": "VCID-vkt6-fjzc-4uay"
                },
                {
                    "vulnerability": "VCID-w8sx-m2vx-1ucv"
                },
                {
                    "vulnerability": "VCID-wuca-6w96-kfdp"
                },
                {
                    "vulnerability": "VCID-x9md-fcrv-y7d8"
                },
                {
                    "vulnerability": "VCID-xa2b-k4ye-e7d3"
                },
                {
                    "vulnerability": "VCID-yqrw-w2g9-2kf9"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.14.6-1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/135900?format=api",
            "purl": "pkg:deb/debian/xen@4.17.5%2B72-g01140da4e8-1?distro=trixie",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-2qbn-f381-abhx"
                },
                {
                    "vulnerability": "VCID-67uu-vpqg-gbc9"
                },
                {
                    "vulnerability": "VCID-k5qj-xcvq-5ke1"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.17.5%252B72-g01140da4e8-1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/135904?format=api",
            "purl": "pkg:deb/debian/xen@4.20.2%2B37-g61ff35323e-0%2Bdeb13u1?distro=trixie",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-5qmr-dc83-fqb1"
                },
                {
                    "vulnerability": "VCID-67uu-vpqg-gbc9"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.20.2%252B37-g61ff35323e-0%252Bdeb13u1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/135903?format=api",
            "purl": "pkg:deb/debian/xen@4.20.2%2B37-g61ff35323e-1?distro=trixie",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-5qmr-dc83-fqb1"
                },
                {
                    "vulnerability": "VCID-67uu-vpqg-gbc9"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.20.2%252B37-g61ff35323e-1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/194755?format=api",
            "purl": "pkg:ebuild/app-emulation/pvgrub@4.6.0",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/pvgrub@4.6.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/194756?format=api",
            "purl": "pkg:ebuild/app-emulation/pvgrub@4.6.0-r9",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/pvgrub@4.6.0-r9"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/190836?format=api",
            "purl": "pkg:ebuild/app-emulation/xen@4.2.2-r1",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen@4.2.2-r1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/194750?format=api",
            "purl": "pkg:ebuild/app-emulation/xen@4.6.0-r9",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen@4.6.0-r9"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/190839?format=api",
            "purl": "pkg:ebuild/app-emulation/xen-pvgrub@4.2.2-r1",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen-pvgrub@4.2.2-r1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/190840?format=api",
            "purl": "pkg:ebuild/app-emulation/xen-pvgrub@4.2.2-r3",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen-pvgrub@4.2.2-r3"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/194751?format=api",
            "purl": "pkg:ebuild/app-emulation/xen-pvgrub@4.6.0",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen-pvgrub@4.6.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/194752?format=api",
            "purl": "pkg:ebuild/app-emulation/xen-pvgrub@4.6.0-r9",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen-pvgrub@4.6.0-r9"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/190837?format=api",
            "purl": "pkg:ebuild/app-emulation/xen-tools@4.2.2-r1",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen-tools@4.2.2-r1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/190838?format=api",
            "purl": "pkg:ebuild/app-emulation/xen-tools@4.2.2-r3",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen-tools@4.2.2-r3"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/194753?format=api",
            "purl": "pkg:ebuild/app-emulation/xen-tools@4.6.0",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen-tools@4.6.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/194754?format=api",
            "purl": "pkg:ebuild/app-emulation/xen-tools@4.6.0-r9",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/xen-tools@4.6.0-r9"
        }
    ],
    "affected_packages": [],
    "references": [
        {
            "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3495.json",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3495.json"
        },
        {
            "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3495",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "0.00081",
                    "scoring_system": "epss",
                    "scoring_elements": "0.23805",
                    "published_at": "2026-06-04T12:55:00Z"
                }
            ],
            "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3495"
        },
        {
            "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686764",
            "reference_id": "686764",
            "reference_type": "",
            "scores": [],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686764"
        },
        {
            "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=851165",
            "reference_id": "851165",
            "reference_type": "",
            "scores": [],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=851165"
        },
        {
            "reference_url": "https://security.gentoo.org/glsa/201309-24",
            "reference_id": "GLSA-201309-24",
            "reference_type": "",
            "scores": [],
            "url": "https://security.gentoo.org/glsa/201309-24"
        },
        {
            "reference_url": "https://security.gentoo.org/glsa/201604-03",
            "reference_id": "GLSA-201604-03",
            "reference_type": "",
            "scores": [],
            "url": "https://security.gentoo.org/glsa/201604-03"
        },
        {
            "reference_url": "https://xenbits.xen.org/xsa/advisory-13.html",
            "reference_id": "XSA-13",
            "reference_type": "",
            "scores": [],
            "url": "https://xenbits.xen.org/xsa/advisory-13.html"
        }
    ],
    "weaknesses": [],
    "exploits": [],
    "severity_range_score": null,
    "exploitability": null,
    "weighted_severity": null,
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-scrz-m4nx-mkcr"
}

Vulnerability Instance