Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/372082?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/372082?format=api", "purl": "pkg:alpm/archlinux/inetutils@2.0-1", "type": "alpm", "namespace": "archlinux", "name": "inetutils", "version": "2.0-1", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93829?format=api", "vulnerability_id": "VCID-qg9t-d2pk-yub6", "summary": "Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS. A stack-based overflow is present in the handling of environment variables when connecting via the telnet client to remote telnet servers. This issue only affects the telnet client — accessible from the CLI or shell — in Junos OS. Inbound telnet services are not affected by this issue. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S13; 12.3X48 versions prior to 12.3X48-D80; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D237, 15.1X53-D496, 15.1X53-D591, 15.1X53-D69; 16.1 versions prior to 16.1R3-S11, 16.1R7-S4; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R2-S7, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S3; 18.2 versions prior to 18.2R1-S5, 18.2R2-S2, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29727", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29833", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29766", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29622", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29685", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29699", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29627", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29647", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.3051", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30536", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30507", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.3048", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30299", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30517", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30645", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30691", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30504", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30563", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30598", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.306", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30556", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-0053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0053" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945861", "reference_id": "945861", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945861" }, { "reference_url": "https://security.archlinux.org/ASA-202106-20", "reference_id": "ASA-202106-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-20" }, { "reference_url": "https://security.archlinux.org/AVG-1003", "reference_id": "AVG-1003", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1003" }, { "reference_url": "https://usn.ubuntu.com/7781-1/", "reference_id": "USN-7781-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7781-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372082?format=api", "purl": "pkg:alpm/archlinux/inetutils@2.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/inetutils@2.0-1" } ], "aliases": [ "CVE-2019-0053" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qg9t-d2pk-yub6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81565?format=api", "vulnerability_id": "VCID-um87-6yps-cbfk", "summary": "telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10188.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10188.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10188", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08404", "scoring_system": "epss", "scoring_elements": "0.9229", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08404", "scoring_system": "epss", "scoring_elements": "0.92397", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.08404", "scoring_system": "epss", "scoring_elements": "0.92297", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08404", "scoring_system": "epss", "scoring_elements": "0.92303", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08404", "scoring_system": "epss", "scoring_elements": "0.92306", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08404", "scoring_system": "epss", "scoring_elements": "0.92317", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08404", "scoring_system": "epss", "scoring_elements": "0.92322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08404", "scoring_system": "epss", "scoring_elements": "0.92369", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.08404", "scoring_system": "epss", "scoring_elements": "0.92376", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.09578", "scoring_system": "epss", "scoring_elements": "0.92868", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09578", "scoring_system": "epss", "scoring_elements": "0.92878", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.09578", "scoring_system": "epss", "scoring_elements": "0.9288", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.09578", "scoring_system": "epss", "scoring_elements": "0.92885", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.09578", "scoring_system": "epss", "scoring_elements": "0.92888", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.09578", "scoring_system": "epss", "scoring_elements": "0.92891", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.09578", "scoring_system": "epss", "scoring_elements": "0.92919", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.09578", "scoring_system": "epss", "scoring_elements": "0.92869", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.09578", "scoring_system": "epss", "scoring_elements": "0.92886", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.09578", "scoring_system": "epss", "scoring_elements": "0.92895", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.09578", "scoring_system": "epss", "scoring_elements": "0.92908", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10188" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10188" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1811673", "reference_id": "1811673", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1811673" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953477", "reference_id": "953477", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953477" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953478", "reference_id": "953478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953478" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956084", "reference_id": "956084", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956084" }, { "reference_url": "https://security.archlinux.org/ASA-202106-20", "reference_id": "ASA-202106-20", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202106-20" }, { "reference_url": "https://security.archlinux.org/AVG-1003", "reference_id": "AVG-1003", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1318", "reference_id": "RHSA-2020:1318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1334", "reference_id": "RHSA-2020:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1335", "reference_id": "RHSA-2020:1335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1342", "reference_id": "RHSA-2020:1342", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1349", "reference_id": "RHSA-2020:1349", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0011", "reference_id": "RHSA-2022:0011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0158", "reference_id": "RHSA-2022:0158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0158" }, { "reference_url": "https://usn.ubuntu.com/5048-1/", "reference_id": "USN-5048-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5048-1/" }, { "reference_url": "https://usn.ubuntu.com/7781-1/", "reference_id": "USN-7781-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7781-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5048-2/", "reference_id": "USN-USN-5048-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5048-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372082?format=api", "purl": "pkg:alpm/archlinux/inetutils@2.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/inetutils@2.0-1" } ], "aliases": [ "CVE-2020-10188" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-um87-6yps-cbfk" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/inetutils@2.0-1" }