Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/224099?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/224099?format=api", "vulnerability_id": "VCID-a26y-wztu-y7ab", "summary": "", "aliases": [ { "alias": "CVE-2023-33934" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/210259?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.9%2Bds-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.9%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/210225?format=api", "purl": "pkg:deb/debian/trafficserver@8.1.10%2Bds-1~deb11u1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3jfe-t1r4-xfds" }, { "vulnerability": "VCID-43vz-vy1m-6qdr" }, { "vulnerability": "VCID-57nf-f2ty-4bca" }, { "vulnerability": "VCID-79rw-pvv7-6kbc" }, { "vulnerability": "VCID-eurz-q67b-7fd8" }, { "vulnerability": "VCID-m1fn-bejb-1yfw" }, { "vulnerability": "VCID-ub6f-38h8-n7fv" }, { "vulnerability": "VCID-wead-6rts-3kaw" }, { "vulnerability": "VCID-yfc4-wf3v-5qcj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@8.1.10%252Bds-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/210260?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.2%2Bds-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.2%252Bds-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/210258?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.3%2Bds-1%2Bdeb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.3%252Bds-1%252Bdeb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/210223?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-0%2Bdeb12u4?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-0%252Bdeb12u4%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/210226?format=api", "purl": "pkg:deb/debian/trafficserver@9.2.5%2Bds-1?distro=sid", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3jfe-t1r4-xfds" }, { "vulnerability": "VCID-43vz-vy1m-6qdr" }, { "vulnerability": "VCID-57nf-f2ty-4bca" }, { "vulnerability": "VCID-79rw-pvv7-6kbc" }, { "vulnerability": "VCID-e3zq-sb2w-7uha" }, { "vulnerability": "VCID-eurz-q67b-7fd8" }, { "vulnerability": "VCID-hx9s-fsjh-kuc4" }, { "vulnerability": "VCID-m1fn-bejb-1yfw" }, { "vulnerability": "VCID-ub6f-38h8-n7fv" }, { "vulnerability": "VCID-wead-6rts-3kaw" }, { "vulnerability": "VCID-yfc4-wf3v-5qcj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/trafficserver@9.2.5%252Bds-1%3Fdistro=sid" } ], "affected_packages": [], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.64193", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-33934" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043430", "reference_id": "1043430", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043430" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC/", "reference_id": "BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:29:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOTOM2MFKOLK46Q3BQHO662HTPZFRQUC/" }, { "reference_url": "https://lists.apache.org/thread/jsl6dfdgs1mjjo1mbtyflyjr7xftswhc", "reference_id": "jsl6dfdgs1mjjo1mbtyflyjr7xftswhc", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:29:05Z/" } ], "url": "https://lists.apache.org/thread/jsl6dfdgs1mjjo1mbtyflyjr7xftswhc" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00042.html", "reference_id": "msg00042.html", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-01T18:29:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00042.html" } ], "weaknesses": [ { "cwe_id": 444, "name": "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", "description": "The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination." } ], "exploits": [], "severity_range_score": "9.1 - 9.1", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a26y-wztu-y7ab" }