Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/376?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/376?format=api", "purl": "pkg:generic/postgresql@7.3.19", "type": "generic", "namespace": "", "name": "postgresql", "version": "7.3.19", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "7.3.21", "latest_non_vulnerable_version": "18.2.0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3583?format=api", "vulnerability_id": "VCID-g5yd-z8gh-pbc4", "summary": "A vulnerability involving insecure search_path settings allows unprivileged users to gain the SQL privileges of the owner of any SECURITY DEFINER function they are allowed to call. Securing such a function requires both a software update and changes to the function definition.more details", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2007-0336.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2007-0336.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2138.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2138.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-2138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81757", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81595", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81606", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81627", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81624", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81652", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81657", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81677", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81664", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81696", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81695", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81699", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81724", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81733", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01593", "scoring_system": "epss", "scoring_elements": "0.81739", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-2138" }, { "reference_url": "http://secunia.com/advisories/24989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24989" }, { "reference_url": "http://secunia.com/advisories/24999", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24999" }, { "reference_url": "http://secunia.com/advisories/25005", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25005" }, { "reference_url": "http://secunia.com/advisories/25019", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25019" }, { "reference_url": "http://secunia.com/advisories/25037", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25037" }, { "reference_url": "http://secunia.com/advisories/25058", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25058" }, { "reference_url": "http://secunia.com/advisories/25184", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25184" }, { "reference_url": "http://secunia.com/advisories/25238", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25238" }, { "reference_url": "http://secunia.com/advisories/25334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25334" }, { "reference_url": "http://secunia.com/advisories/25717", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25717" }, { "reference_url": "http://secunia.com/advisories/25720", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25720" }, { "reference_url": "http://secunia.com/advisories/25725", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/25725" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200705-12.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200705-12.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33842" }, { "reference_url": "https://issues.rpath.com/browse/RPL-1292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://issues.rpath.com/browse/RPL-1292" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10090", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10090" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102894-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102894-1" }, { "reference_url": "http://support.avaya.com/elmodocs2/security/ASA-2007-190.htm", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-190.htm" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2007-2138/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/support/security/CVE-2007-2138/" }, { "reference_url": "http://www.debian.org/security/2007/dsa-1309", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2007/dsa-1309" }, { "reference_url": "http://www.debian.org/security/2007/dsa-1311", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2007/dsa-1311" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:094", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:094" }, { "reference_url": "http://www.postgresql.org/about/news.791", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.postgresql.org/about/news.791" }, { "reference_url": "http://www.postgresql.org/support/security.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.postgresql.org/support/security.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2007-0337.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2007-0337.html" }, { "reference_url": "http://www.securityfocus.com/bid/23618", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/23618" }, { "reference_url": "http://www.securitytracker.com/id?1017974", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1017974" }, { "reference_url": "http://www.trustix.org/errata/2007/0015/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.trustix.org/errata/2007/0015/" }, { "reference_url": "http://www.ubuntu.com/usn/usn-454-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-454-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1497", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1497" }, { "reference_url": "http://www.vupen.com/english/advisories/2007/1549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2007/1549" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=237682", "reference_id": "237682", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=237682" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2138", "reference_id": "CVE-2007-2138", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2138" }, { "reference_url": "https://security.gentoo.org/glsa/200705-12", "reference_id": "GLSA-200705-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200705-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0336", "reference_id": "RHSA-2007:0336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0337", "reference_id": "RHSA-2007:0337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0337" }, { "reference_url": "https://usn.ubuntu.com/454-1/", "reference_id": "USN-454-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/454-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376?format=api", "purl": "pkg:generic/postgresql@7.3.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@7.3.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/375?format=api", "purl": "pkg:generic/postgresql@7.4.17", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@7.4.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/374?format=api", "purl": "pkg:generic/postgresql@8.0.13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.0.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/373?format=api", "purl": "pkg:generic/postgresql@8.1.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.1.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/372?format=api", "purl": "pkg:generic/postgresql@8.2.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@8.2.4" } ], "aliases": [ "CVE-2007-2138" ], "risk_score": 2.7, "exploitability": "0.5", "weighted_severity": "5.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g5yd-z8gh-pbc4" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@7.3.19" }