Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/109597?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/109597?format=api", "purl": "pkg:rpm/redhat/libkdcraw@4.10.5-5?arch=el7", "type": "rpm", "namespace": "redhat", "name": "libkdcraw", "version": "4.10.5-5", "qualifiers": { "arch": "el7" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83595?format=api", "vulnerability_id": "VCID-8g8a-1egc-pbhs", "summary": "LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5805.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5805.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5805", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.65977", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66019", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66047", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66015", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66064", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66077", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66096", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66083", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66053", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66088", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66102", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.6609", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66111", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66122", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.6612", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66098", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5805" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591887", "reference_id": "1591887", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3065", "reference_id": "RHSA-2018:3065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3065" } ], "fixed_packages": [], "aliases": [ "CVE-2018-5805" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8g8a-1egc-pbhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83702?format=api", "vulnerability_id": "VCID-b7yv-7e6a-nfhy", "summary": "LibRaw: Out-of-bounds read in kodak_radc_load_raw function internal/dcraw_common.cpp", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5802.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5802.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71509", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71516", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71533", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71506", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71546", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71558", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71581", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71565", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71547", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71593", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71598", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71577", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71628", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71633", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71637", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00679", "scoring_system": "epss", "scoring_elements": "0.71622", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5802" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553335", "reference_id": "1553335", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3065", "reference_id": "RHSA-2018:3065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3065" }, { "reference_url": "https://usn.ubuntu.com/3615-1/", "reference_id": "USN-3615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3615-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2018-5802" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b7yv-7e6a-nfhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83700?format=api", "vulnerability_id": "VCID-k9d9-tfcf-byf3", "summary": "LibRaw: Heap-based buffer overflow in LibRaw::kodak_ycbcr_load_raw function in internal/dcraw_common.cpp", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5800.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5800.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.80946", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.80955", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.80977", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.80976", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.81004", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.81011", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.81027", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.81014", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.81006", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.81044", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.81045", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.81043", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.81066", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.81074", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.81082", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01483", "scoring_system": "epss", "scoring_elements": "0.81097", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5800" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553332", "reference_id": "1553332", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3065", "reference_id": "RHSA-2018:3065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3065" }, { "reference_url": "https://usn.ubuntu.com/3615-1/", "reference_id": "USN-3615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3615-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2018-5800" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k9d9-tfcf-byf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83596?format=api", "vulnerability_id": "VCID-knwc-32r8-b7cu", "summary": "LibRaw: NULL pointer dereference in leaf_hdr_load_raw() function in internal/dcraw_common.cpp", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5806.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5806.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5806", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.59951", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60029", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60053", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60024", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60074", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60088", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60109", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60094", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66363", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66314", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66349", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66365", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.6635", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66372", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66387", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5806" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591897", "reference_id": "1591897", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3065", "reference_id": "RHSA-2018:3065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3065" } ], "fixed_packages": [], "aliases": [ "CVE-2018-5806" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-knwc-32r8-b7cu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83701?format=api", "vulnerability_id": "VCID-nnw4-axam-qbb2", "summary": "LibRaw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5801.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5801.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5801", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78092", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78101", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78131", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78113", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.7814", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78146", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78171", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01111", "scoring_system": "epss", "scoring_elements": "0.78153", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01527", "scoring_system": "epss", "scoring_elements": "0.8138", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01527", "scoring_system": "epss", "scoring_elements": "0.81289", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01527", "scoring_system": "epss", "scoring_elements": "0.81326", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01527", "scoring_system": "epss", "scoring_elements": "0.81329", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01527", "scoring_system": "epss", "scoring_elements": "0.81328", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01527", "scoring_system": "epss", "scoring_elements": "0.81351", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01527", "scoring_system": "epss", "scoring_elements": "0.81358", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01527", "scoring_system": "epss", "scoring_elements": "0.81364", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5801" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553334", "reference_id": "1553334", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3065", "reference_id": "RHSA-2018:3065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3065" }, { "reference_url": "https://usn.ubuntu.com/3615-1/", "reference_id": "USN-3615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3615-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2018-5801" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nnw4-axam-qbb2" } ], "fixing_vulnerabilities": [], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libkdcraw@4.10.5-5%3Farch=el7" }