VulnerableCode.io REST API

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/326491?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/326491?format=api",
    "vulnerability_id": "VCID-hh45-myn6-83ex",
    "summary": "",
    "aliases": [
        {
            "alias": "CVE-2026-2673"
        }
    ],
    "fixed_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/345597?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=aarch64&distroversion=v3.23&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=aarch64&distroversion=v3.23&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/345598?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=armhf&distroversion=v3.23&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=armhf&distroversion=v3.23&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/345599?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=armv7&distroversion=v3.23&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=armv7&distroversion=v3.23&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/345600?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=loongarch64&distroversion=v3.23&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=loongarch64&distroversion=v3.23&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/345601?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=ppc64le&distroversion=v3.23&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=ppc64le&distroversion=v3.23&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/345602?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=v3.23&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=riscv64&distroversion=v3.23&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/345603?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=s390x&distroversion=v3.23&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=s390x&distroversion=v3.23&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/345605?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=x86_64&distroversion=v3.23&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=x86_64&distroversion=v3.23&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/345604?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=x86&distroversion=v3.23&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=x86&distroversion=v3.23&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/233108?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=aarch64&distroversion=edge&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=aarch64&distroversion=edge&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/233109?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=armhf&distroversion=edge&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=armhf&distroversion=edge&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/233110?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=armv7&distroversion=edge&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=armv7&distroversion=edge&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/233111?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=loongarch64&distroversion=edge&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=loongarch64&distroversion=edge&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/233112?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=ppc64le&distroversion=edge&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=ppc64le&distroversion=edge&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/233113?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=riscv64&distroversion=edge&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=riscv64&distroversion=edge&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/233114?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=s390x&distroversion=edge&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=s390x&distroversion=edge&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/233116?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=x86_64&distroversion=edge&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=x86_64&distroversion=edge&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/233115?format=api",
            "purl": "pkg:apk/alpine/openssl@3.5.6-r0?arch=x86&distroversion=edge&reponame=main",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssl@3.5.6-r0%3Farch=x86&distroversion=edge&reponame=main"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/201246?format=api",
            "purl": "pkg:deb/debian/openssl@0?distro=trixie",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@0%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/201221?format=api",
            "purl": "pkg:deb/debian/openssl@1.1.1w-0%2Bdeb11u1?distro=trixie",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-7y4x-nrsa-mbb3"
                },
                {
                    "vulnerability": "VCID-a6ex-h8k7-8fbx"
                },
                {
                    "vulnerability": "VCID-cccj-zqe2-1bbw"
                },
                {
                    "vulnerability": "VCID-mnvc-6qng-ufbb"
                },
                {
                    "vulnerability": "VCID-q64m-j51z-6fhu"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@1.1.1w-0%252Bdeb11u1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/201219?format=api",
            "purl": "pkg:deb/debian/openssl@3.0.20-1~deb12u1?distro=trixie",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-cccj-zqe2-1bbw"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.0.20-1~deb12u1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/201349?format=api",
            "purl": "pkg:deb/debian/openssl@3.5.5-1~deb13u2?distro=trixie",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.5-1~deb13u2%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/201223?format=api",
            "purl": "pkg:deb/debian/openssl@3.5.6-1~deb13u1?distro=trixie",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.5.6-1~deb13u1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/201222?format=api",
            "purl": "pkg:deb/debian/openssl@3.6.2-1?distro=trixie",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssl@3.6.2-1%3Fdistro=trixie"
        }
    ],
    "affected_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/110134?format=api",
            "purl": "pkg:rpm/redhat/openssl-main@3.5.6-0.1?arch=hum1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-2e7a-p1jj-93eu"
                },
                {
                    "vulnerability": "VCID-3fzu-b8xk-gfa7"
                },
                {
                    "vulnerability": "VCID-5cpy-4cch-uqhe"
                },
                {
                    "vulnerability": "VCID-6c9t-f9wj-cbbs"
                },
                {
                    "vulnerability": "VCID-7xw3-uquz-v7ek"
                },
                {
                    "vulnerability": "VCID-7y4x-nrsa-mbb3"
                },
                {
                    "vulnerability": "VCID-9u2f-m6r6-yqev"
                },
                {
                    "vulnerability": "VCID-a6ex-h8k7-8fbx"
                },
                {
                    "vulnerability": "VCID-bvz5-dj4f-gbbz"
                },
                {
                    "vulnerability": "VCID-ecac-wyth-3fgd"
                },
                {
                    "vulnerability": "VCID-f94y-yeah-y7cu"
                },
                {
                    "vulnerability": "VCID-fpxe-6bps-eke6"
                },
                {
                    "vulnerability": "VCID-hh45-myn6-83ex"
                },
                {
                    "vulnerability": "VCID-m28e-hawn-wqhh"
                },
                {
                    "vulnerability": "VCID-mg72-e4j7-4yax"
                },
                {
                    "vulnerability": "VCID-mnvc-6qng-ufbb"
                },
                {
                    "vulnerability": "VCID-pxab-d41r-m3c2"
                },
                {
                    "vulnerability": "VCID-pxaj-7epr-pqbs"
                },
                {
                    "vulnerability": "VCID-q64m-j51z-6fhu"
                },
                {
                    "vulnerability": "VCID-q6ke-1n27-53f1"
                },
                {
                    "vulnerability": "VCID-rkwm-zkyy-bbfu"
                },
                {
                    "vulnerability": "VCID-xs57-nrgs-fka9"
                },
                {
                    "vulnerability": "VCID-y7cx-fpjq-87at"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssl-main@3.5.6-0.1%3Farch=hum1"
        }
    ],
    "references": [
        {
            "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2673.json",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "6.5",
                    "scoring_system": "cvssv3",
                    "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
                }
            ],
            "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2673.json"
        },
        {
            "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2673",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "0.00023",
                    "scoring_system": "epss",
                    "scoring_elements": "0.06797",
                    "published_at": "2026-05-30T12:55:00Z"
                }
            ],
            "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2673"
        },
        {
            "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "5.3",
                    "scoring_system": "cvssv3.1",
                    "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
                }
            ],
            "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
        },
        {
            "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130650",
            "reference_id": "1130650",
            "reference_type": "",
            "scores": [],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130650"
        },
        {
            "reference_url": "https://openssl-library.org/news/secadv/20260313.txt",
            "reference_id": "20260313.txt",
            "reference_type": "",
            "scores": [
                {
                    "value": "6.5",
                    "scoring_system": "cvssv3.1",
                    "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
                },
                {
                    "value": "Track",
                    "scoring_system": "ssvc",
                    "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/"
                }
            ],
            "url": "https://openssl-library.org/news/secadv/20260313.txt"
        },
        {
            "reference_url": "https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f",
            "reference_id": "2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f",
            "reference_type": "",
            "scores": [
                {
                    "value": "6.5",
                    "scoring_system": "cvssv3.1",
                    "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
                },
                {
                    "value": "Track",
                    "scoring_system": "ssvc",
                    "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/"
                }
            ],
            "url": "https://github.com/openssl/openssl/commit/2157c9d81f7b0bd7dfa25b960e928ec28e8dd63f"
        },
        {
            "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447327",
            "reference_id": "2447327",
            "reference_type": "",
            "scores": [],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447327"
        },
        {
            "reference_url": "https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34",
            "reference_id": "85977e013f32ceb96aa034c0e741adddc1a05e34",
            "reference_type": "",
            "scores": [
                {
                    "value": "6.5",
                    "scoring_system": "cvssv3.1",
                    "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
                },
                {
                    "value": "Track",
                    "scoring_system": "ssvc",
                    "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-17T17:17:17Z/"
                }
            ],
            "url": "https://github.com/openssl/openssl/commit/85977e013f32ceb96aa034c0e741adddc1a05e34"
        },
        {
            "reference_url": "https://access.redhat.com/errata/RHSA-2026:7261",
            "reference_id": "RHSA-2026:7261",
            "reference_type": "",
            "scores": [],
            "url": "https://access.redhat.com/errata/RHSA-2026:7261"
        },
        {
            "reference_url": "https://usn.ubuntu.com/8155-1/",
            "reference_id": "USN-8155-1",
            "reference_type": "",
            "scores": [],
            "url": "https://usn.ubuntu.com/8155-1/"
        }
    ],
    "weaknesses": [
        {
            "cwe_id": 325,
            "name": "Missing Cryptographic Step",
            "description": "The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm."
        },
        {
            "cwe_id": 757,
            "name": "Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')",
            "description": "A protocol or its implementation supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties."
        }
    ],
    "exploits": [],
    "severity_range_score": "5.3 - 6.5",
    "exploitability": "0.5",
    "weighted_severity": "5.9",
    "risk_score": 3.0,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hh45-myn6-83ex"
}

Vulnerability Instance