Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/24907?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/24907?format=api", "purl": "pkg:deb/debian/azure-uamqp-python@1.6.11-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "azure-uamqp-python", "version": "1.6.11-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.6.11-2", "latest_non_vulnerable_version": "1.6.11-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18334?format=api", "vulnerability_id": "VCID-7gj1-xfxm-c3hg", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25110.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25110.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00739", "scoring_system": "epss", "scoring_elements": "0.7342", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00739", "scoring_system": "epss", "scoring_elements": "0.73329", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00739", "scoring_system": "epss", "scoring_elements": "0.73406", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00739", "scoring_system": "epss", "scoring_elements": "0.73421", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25110" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064051", "reference_id": "1064051", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064051" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272485", "reference_id": "2272485", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272485" }, { "reference_url": "https://github.com/Azure/azure-uamqp-c/commit/30865c9ccedaa32ddb036e87a8ebb52c3f18f695", "reference_id": "30865c9ccedaa32ddb036e87a8ebb52c3f18f695", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-13T15:22:35Z/" } ], "url": "https://github.com/Azure/azure-uamqp-c/commit/30865c9ccedaa32ddb036e87a8ebb52c3f18f695" }, { "reference_url": "https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-c646-4whf-r67v", "reference_id": "GHSA-c646-4whf-r67v", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-13T15:22:35Z/" } ], "url": "https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-c646-4whf-r67v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24909?format=api", "purl": "pkg:deb/debian/azure-uamqp-python@1.6.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/azure-uamqp-python@1.6.8-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/24907?format=api", "purl": "pkg:deb/debian/azure-uamqp-python@1.6.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/azure-uamqp-python@1.6.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/24905?format=api", "purl": "pkg:deb/debian/azure-uamqp-python@1.6.11-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/azure-uamqp-python@1.6.11-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-25110" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7gj1-xfxm-c3hg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18878?format=api", "vulnerability_id": "VCID-jd1g-t4d7-zfev", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27099.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27099.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27099", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01498", "scoring_system": "epss", "scoring_elements": "0.81582", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01498", "scoring_system": "epss", "scoring_elements": "0.81522", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01498", "scoring_system": "epss", "scoring_elements": "0.81583", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01498", "scoring_system": "epss", "scoring_elements": "0.81591", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-27099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27099" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064996", "reference_id": "1064996", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064996" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272482", "reference_id": "2272482", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272482" }, { "reference_url": "https://github.com/Azure/azure-uamqp-c/commit/2ca42b6e4e098af2d17e487814a91d05f6ae4987", "reference_id": "2ca42b6e4e098af2d17e487814a91d05f6ae4987", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-27T20:28:53Z/" } ], "url": "https://github.com/Azure/azure-uamqp-c/commit/2ca42b6e4e098af2d17e487814a91d05f6ae4987" }, { "reference_url": "https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-6rh4-fj44-v4jj", "reference_id": "GHSA-6rh4-fj44-v4jj", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-02-27T20:28:53Z/" } ], "url": "https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-6rh4-fj44-v4jj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24909?format=api", "purl": "pkg:deb/debian/azure-uamqp-python@1.6.8-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/azure-uamqp-python@1.6.8-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/24907?format=api", "purl": "pkg:deb/debian/azure-uamqp-python@1.6.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/azure-uamqp-python@1.6.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/24905?format=api", "purl": "pkg:deb/debian/azure-uamqp-python@1.6.11-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/azure-uamqp-python@1.6.11-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-27099" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jd1g-t4d7-zfev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48055?format=api", "vulnerability_id": "VCID-s33p-vane-9ub8", "summary": "The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication between IoT Hub and IoT Hub devices. An attacker can cause an integer wraparound or under-allocation or heap buffer overflow due to vulnerabilities in parameter checking mechanism, by exploiting the buffer length parameter in Azure C SDK, which may lead to remote code execution. Requirements for RCE are 1. Compromised Azure account allowing malformed payloads to be sent to the device via IoT Hub service, 2. By passing IoT hub service max message payload limit of 128KB, and 3. Ability to overwrite code space with remote code. Fixed in commit https://github.com/Azure/azure-c-shared-utility/commit/1129147c38ac02ad974c4c701a1e01b2141b9fe2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29195", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02421", "scoring_system": "epss", "scoring_elements": "0.85508", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.02421", "scoring_system": "epss", "scoring_elements": "0.85456", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02421", "scoring_system": "epss", "scoring_elements": "0.85507", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02421", "scoring_system": "epss", "scoring_elements": "0.85516", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-29195" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29195", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29195" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068457", "reference_id": "1068457", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068457" }, { "reference_url": "https://github.com/Azure/azure-c-shared-utility/commit/1129147c38ac02ad974c4c701a1e01b2141b9fe2", "reference_id": "1129147c38ac02ad974c4c701a1e01b2141b9fe2", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-04T11:18:14Z/" } ], "url": "https://github.com/Azure/azure-c-shared-utility/commit/1129147c38ac02ad974c4c701a1e01b2141b9fe2" }, { "reference_url": "https://github.com/Azure/azure-c-shared-utility/security/advisories/GHSA-m8wp-hc7w-x4xg", "reference_id": "GHSA-m8wp-hc7w-x4xg", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-04T11:18:14Z/" } ], "url": "https://github.com/Azure/azure-c-shared-utility/security/advisories/GHSA-m8wp-hc7w-x4xg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24912?format=api", "purl": "pkg:deb/debian/azure-uamqp-python@1.6.9-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/azure-uamqp-python@1.6.9-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/24907?format=api", "purl": "pkg:deb/debian/azure-uamqp-python@1.6.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/azure-uamqp-python@1.6.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/24905?format=api", "purl": "pkg:deb/debian/azure-uamqp-python@1.6.11-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/azure-uamqp-python@1.6.11-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-29195" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s33p-vane-9ub8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18186?format=api", "vulnerability_id": "VCID-t75p-762e-kfbh", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21646", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02557", "scoring_system": "epss", "scoring_elements": "0.85829", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02557", "scoring_system": "epss", "scoring_elements": "0.85881", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.02557", "scoring_system": "epss", "scoring_elements": "0.85888", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02557", "scoring_system": "epss", "scoring_elements": "0.85878", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21646" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21646", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21646" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/Azure/azure-uamqp-c/commit/12ddb3a31a5a97f55b06fa5d74c59a1d84ad78fe", "reference_id": "12ddb3a31a5a97f55b06fa5d74c59a1d84ad78fe", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-16T19:52:45Z/" } ], "url": "https://github.com/Azure/azure-uamqp-c/commit/12ddb3a31a5a97f55b06fa5d74c59a1d84ad78fe" }, { "reference_url": "https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-j29m-p99g-7hpv", "reference_id": "GHSA-j29m-p99g-7hpv", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-16T19:52:45Z/" } ], "url": "https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-j29m-p99g-7hpv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24906?format=api", "purl": "pkg:deb/debian/azure-uamqp-python@1.6.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/azure-uamqp-python@1.6.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/24907?format=api", "purl": "pkg:deb/debian/azure-uamqp-python@1.6.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/azure-uamqp-python@1.6.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/24905?format=api", "purl": "pkg:deb/debian/azure-uamqp-python@1.6.11-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/azure-uamqp-python@1.6.11-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21646" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t75p-762e-kfbh" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/azure-uamqp-python@1.6.11-1%3Fdistro=trixie" }