Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/127693?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/127693?format=api", "purl": "pkg:rpm/redhat/sudo@1.7.2p1-8?arch=el5_5", "type": "rpm", "namespace": "redhat", "name": "sudo", "version": "1.7.2p1-8", "qualifiers": { "arch": "el5_5" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56508?format=api", "vulnerability_id": "VCID-fant-y91b-rubf", "summary": "The secure path feature and group handling in sudo allow local attackers to\n escalate privileges.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047516.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047516.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2956.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2956.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2956", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23036", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23217", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23396", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23436", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23221", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23294", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23344", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23365", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23327", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.2327", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23287", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23282", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23264", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23074", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23067", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.2306", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.22952", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2956" }, { "reference_url": "http://secunia.com/advisories/40508", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40508" }, { "reference_url": "http://secunia.com/advisories/41316", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/41316" }, { "reference_url": "http://secunia.com/advisories/42787", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42787" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201009-03.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201009-03.xml" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0075" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:175", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:175" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0675.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0675.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/514489/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/515545/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/515545/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/43019", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/43019" }, { "reference_url": "http://www.securitytracker.com/id?1024392", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1024392" }, { "reference_url": "http://www.sudo.ws/sudo/alerts/runas_group.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.sudo.ws/sudo/alerts/runas_group.html" }, { "reference_url": "http://www.ubuntu.com/usn/USN-983-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-983-1" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0001.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2312", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/2312" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2318", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/2318" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2320", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/2320" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2358", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/2358" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0025", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0025" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595935", "reference_id": "595935", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595935" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=628628", "reference_id": "628628", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=628628" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2956", "reference_id": "CVE-2010-2956", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2956" }, { "reference_url": "https://security.gentoo.org/glsa/201009-03", "reference_id": "GLSA-201009-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201009-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0675", "reference_id": "RHSA-2010:0675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0675" }, { "reference_url": "https://usn.ubuntu.com/983-1/", "reference_id": "USN-983-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/983-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2010-2956" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fant-y91b-rubf" } ], "fixing_vulnerabilities": [], "risk_score": "2.8", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/sudo@1.7.2p1-8%3Farch=el5_5" }