Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/198687?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/198687?format=api", "purl": "pkg:pypi/soappy@0.12.1", "type": "pypi", "namespace": "", "name": "soappy", "version": "0.12.1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "0.12.6", "latest_non_vulnerable_version": "0.12.6", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37686?format=api", "vulnerability_id": "VCID-khkn-6vv6-6feq", "summary": "XEE attack vulnerability\nIt is vulnerable to XML External Entity Processing attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3242.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3242.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3242", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00648", "scoring_system": "epss", "scoring_elements": "0.7122", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00648", "scoring_system": "epss", "scoring_elements": "0.7118", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00648", "scoring_system": "epss", "scoring_elements": "0.71223", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00648", "scoring_system": "epss", "scoring_elements": "0.7123", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00648", "scoring_system": "epss", "scoring_elements": "0.7121", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00648", "scoring_system": "epss", "scoring_elements": "0.71195", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3242" }, { "reference_url": "http://seclists.org/fulldisclosure/2014/May/20", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2014/May/20" }, { "reference_url": "https://github.com/kiorky/soappy", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kiorky/soappy" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3242", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3242" }, { "reference_url": "https://web.archive.org/web/20150501220613/http://www.pnigos.com/?p=260", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150501220613/http://www.pnigos.com/?p=260" }, { "reference_url": "https://web.archive.org/web/20200229062311/http://www.securityfocus.com/bid/67216", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200229062311/http://www.securityfocus.com/bid/67216" }, { "reference_url": "https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/05/06/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2014/05/06/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/05/06/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2014/05/06/9" }, { "reference_url": "http://www.pnigos.com/?p=260", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.pnigos.com/?p=260" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094619", "reference_id": "1094619", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094619" }, { "reference_url": "https://github.com/advisories/GHSA-52wr-3vww-rmpq", "reference_id": "GHSA-52wr-3vww-rmpq", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-52wr-3vww-rmpq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51858?format=api", "purl": "pkg:pypi/soappy@0.12.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/soappy@0.12.6" } ], "aliases": [ "CVE-2014-3242", "GHSA-52wr-3vww-rmpq" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-khkn-6vv6-6feq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37687?format=api", "vulnerability_id": "VCID-uf2w-n4wb-v7az", "summary": "Billion laughs attack vulnerability\nIt is vulnerable to a Billion laughs attack.", "references": [ { "reference_url": "http://en.wikipedia.org/wiki/Billion_laughs", "reference_id": "", "reference_type": "", "scores": [], "url": "http://en.wikipedia.org/wiki/Billion_laughs" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3243.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3243.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3243", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72927", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72967", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72972", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72965", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72942", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72955", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3243" }, { "reference_url": "http://seclists.org/fulldisclosure/2014/May/20", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2014/May/20" }, { "reference_url": "https://github.com/kiorky/SOAPpy/blob/develop/CHANGES.txt#L32-L37", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kiorky/SOAPpy/blob/develop/CHANGES.txt#L32-L37" }, { "reference_url": "https://github.com/kiorky/SOAPpy/commit/64125a24aad228761f38312d44bde4bec7354276", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kiorky/SOAPpy/commit/64125a24aad228761f38312d44bde4bec7354276" }, { "reference_url": "https://github.com/kiorky/SOAPpy/commit/a38656817c8ce7d02e117b1308328419a5d1560f", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kiorky/SOAPpy/commit/a38656817c8ce7d02e117b1308328419a5d1560f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3243", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3243" }, { "reference_url": "https://web.archive.org/web/20150501220613/http://www.pnigos.com/?p=260", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20150501220613/http://www.pnigos.com/?p=260" }, { "reference_url": "https://web.archive.org/web/20200229062311/http://www.securityfocus.com/bid/67216", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200229062311/http://www.securityfocus.com/bid/67216" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/05/06/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2014/05/06/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/05/06/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2014/05/06/9" }, { "reference_url": "http://www.pnigos.com/?p=260", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.pnigos.com/?p=260" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094620", "reference_id": "1094620", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094620" }, { "reference_url": "https://github.com/advisories/GHSA-2gh8-gr6x-7q26", "reference_id": "GHSA-2gh8-gr6x-7q26", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2gh8-gr6x-7q26" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51858?format=api", "purl": "pkg:pypi/soappy@0.12.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/soappy@0.12.6" } ], "aliases": [ "CVE-2014-3243", "GHSA-2gh8-gr6x-7q26" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uf2w-n4wb-v7az" } ], "fixing_vulnerabilities": [], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/soappy@0.12.1" }