Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/35481?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35481?format=api", "vulnerability_id": "VCID-6tgx-mpvy-63ab", "summary": "TUF (aka The Update Framework) 0.7.2 through 0.12.1 allows Uncontrolled Resource Consumption.", "aliases": [ { "alias": "CVE-2020-6173" }, { "alias": "GHSA-2828-9vh6-9m6j" }, { "alias": "PYSEC-2020-146" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14825?format=api", "purl": "pkg:pypi/tuf@0.12.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-px54-yh8d-5bbc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.12.2" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/14808?format=api", "purl": "pkg:pypi/tuf@0.7.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.7.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/14809?format=api", "purl": "pkg:pypi/tuf@0.9.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.9.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/14810?format=api", "purl": "pkg:pypi/tuf@0.9.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.9.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/14811?format=api", "purl": "pkg:pypi/tuf@0.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/14812?format=api", "purl": "pkg:pypi/tuf@0.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.10.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/14813?format=api", "purl": "pkg:pypi/tuf@0.10.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.10.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/14814?format=api", "purl": "pkg:pypi/tuf@0.11.dev0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.11.dev0" }, { "url": "http://public2.vulnerablecode.io/api/packages/14815?format=api", "purl": "pkg:pypi/tuf@0.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/14816?format=api", "purl": "pkg:pypi/tuf@0.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.11.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/14817?format=api", "purl": "pkg:pypi/tuf@0.11.2.dev1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.11.2.dev1" }, { "url": "http://public2.vulnerablecode.io/api/packages/14818?format=api", "purl": "pkg:pypi/tuf@0.11.2.dev2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.11.2.dev2" }, { "url": "http://public2.vulnerablecode.io/api/packages/14819?format=api", "purl": "pkg:pypi/tuf@0.11.2.dev3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.11.2.dev3" }, { "url": "http://public2.vulnerablecode.io/api/packages/14820?format=api", "purl": "pkg:pypi/tuf@0.12.dev0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.12.dev0" }, { "url": "http://public2.vulnerablecode.io/api/packages/14821?format=api", "purl": "pkg:pypi/tuf@0.12.dev1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.12.dev1" }, { "url": "http://public2.vulnerablecode.io/api/packages/14822?format=api", "purl": "pkg:pypi/tuf@0.12.dev2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-m2sw-ms1a-zkb5" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.12.dev2" }, { "url": "http://public2.vulnerablecode.io/api/packages/14823?format=api", "purl": "pkg:pypi/tuf@0.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/14824?format=api", "purl": "pkg:pypi/tuf@0.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6tgx-mpvy-63ab" }, { "vulnerability": "VCID-px54-yh8d-5bbc" }, { "vulnerability": "VCID-q9jt-smnw-s3h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/tuf@0.12.1" } ], "references": [ { "reference_url": "https://github.com/advisories/GHSA-2828-9vh6-9m6j", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2828-9vh6-9m6j" }, { "reference_url": "https://github.com/theupdateframework/tuf/commits/develop", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/theupdateframework/tuf/commits/develop" }, { "reference_url": "https://github.com/theupdateframework/tuf/issues/973", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/theupdateframework/tuf/issues/973" } ], "weaknesses": [], "exploits": [], "severity_range_score": null, "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6tgx-mpvy-63ab" }