GET

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/332441?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/332441?format=api",
    "vulnerability_id": "VCID-zffn-eqwd-3qfy",
    "summary": "SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high CPU load by executing a RFC enabled function modules without any input parameters, which results in reduced performance or interrupted operation of the affected resource. This leads to low impact on availability of the application, there is no impact on confidentiality and integrity.",
    "aliases": [
        {
            "alias": "CVE-2025-42954"
        }
    ],
    "fixed_packages": [],
    "affected_packages": [],
    "references": [
        {
            "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-42954",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "0.00134",
                    "scoring_system": "epss",
                    "scoring_elements": "0.32463",
                    "published_at": "2026-06-08T12:55:00Z"
                },
                {
                    "value": "0.00134",
                    "scoring_system": "epss",
                    "scoring_elements": "0.32565",
                    "published_at": "2026-06-05T12:55:00Z"
                },
                {
                    "value": "0.00134",
                    "scoring_system": "epss",
                    "scoring_elements": "0.32533",
                    "published_at": "2026-06-06T12:55:00Z"
                },
                {
                    "value": "0.00134",
                    "scoring_system": "epss",
                    "scoring_elements": "0.32495",
                    "published_at": "2026-06-07T12:55:00Z"
                }
            ],
            "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-42954"
        },
        {
            "reference_url": "https://me.sap.com/notes/3608156",
            "reference_id": "3608156",
            "reference_type": "",
            "scores": [
                {
                    "value": "2.7",
                    "scoring_system": "cvssv3.1",
                    "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L"
                },
                {
                    "value": "Track",
                    "scoring_system": "ssvc",
                    "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-08T14:31:10Z/"
                }
            ],
            "url": "https://me.sap.com/notes/3608156"
        }
    ],
    "weaknesses": [
        {
            "cwe_id": 835,
            "name": "Loop with Unreachable Exit Condition ('Infinite Loop')",
            "description": "The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop."
        }
    ],
    "exploits": [],
    "severity_range_score": "2.7 - 2.7",
    "exploitability": null,
    "weighted_severity": null,
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zffn-eqwd-3qfy"
}