Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/58392?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58392?format=api", "vulnerability_id": "VCID-fe6s-f2sw-tbdb", "summary": "A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information.", "aliases": [ { "alias": "CVE-2019-10224" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/87688?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.1.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.1.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/87666?format=api", "purl": "pkg:deb/debian/389-ds-base@1.4.4.11-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mdk-bqm7-mkeu" }, { "vulnerability": "VCID-7dna-4mcn-jqd5" }, { "vulnerability": "VCID-ft29-jr9j-jbbm" }, { "vulnerability": "VCID-k27f-tsq5-73fn" }, { "vulnerability": "VCID-ud9m-jz3k-bfhm" }, { "vulnerability": "VCID-vadc-mdbp-q3g9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@1.4.4.11-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/87664?format=api", "purl": "pkg:deb/debian/389-ds-base@2.3.1%2Bdfsg1-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5mdk-bqm7-mkeu" }, { "vulnerability": "VCID-7dna-4mcn-jqd5" }, { "vulnerability": "VCID-ft29-jr9j-jbbm" }, { "vulnerability": "VCID-k27f-tsq5-73fn" }, { "vulnerability": "VCID-ud9m-jz3k-bfhm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@2.3.1%252Bdfsg1-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/87668?format=api", "purl": "pkg:deb/debian/389-ds-base@3.1.2%2Bdfsg1-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bdfsg1-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/87667?format=api", "purl": "pkg:deb/debian/389-ds-base@3.1.2%2Bvendor1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/389-ds-base@3.1.2%252Bvendor1-2%3Fdistro=trixie" } ], "affected_packages": [], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10224.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10224.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10224", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.3407", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10224" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677147", "reference_id": "1677147", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3401", "reference_id": "RHSA-2019:3401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3401" } ], "weaknesses": [ { "cwe_id": 538, "name": "Insertion of Sensitive Information into Externally-Accessible File or Directory", "description": "The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information." } ], "exploits": [], "severity_range_score": "4.3 - 4.6", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fe6s-f2sw-tbdb" }