Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/483711?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/483711?format=api", "purl": "pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community", "type": "apk", "namespace": "alpine", "name": "ntpsec", "version": "1.1.3-r0", "qualifiers": { "arch": "aarch64", "distroversion": "v3.19", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.2.1-r0", "latest_non_vulnerable_version": "1.2.2a-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95618?format=api", "vulnerability_id": "VCID-88fv-n2b1-63hp", "summary": "An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6444", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11626", "scoring_system": "epss", "scoring_elements": "0.93789", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.11626", "scoring_system": "epss", "scoring_elements": "0.93798", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.11626", "scoring_system": "epss", "scoring_elements": "0.93797", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.11626", "scoring_system": "epss", "scoring_elements": "0.93803", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6444" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6444", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6444" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513", "reference_id": "919513", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513" }, { "reference_url": "https://dumpco.re/bugs/ntpsec-oobread2", "reference_id": "CVE-2019-6444", "reference_type": "exploit", "scores": [], "url": "https://dumpco.re/bugs/ntpsec-oobread2" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46176.py", "reference_id": "CVE-2019-6444", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46176.py" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/483711?format=api", "purl": "pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntpsec@1.1.3-r0%3Farch=aarch64&distroversion=v3.19&reponame=community" } ], "aliases": [ "CVE-2019-6444" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88fv-n2b1-63hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95619?format=api", "vulnerability_id": "VCID-ee1h-ze96-5fbu", "summary": "An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6445", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16559", "scoring_system": "epss", "scoring_elements": "0.95033", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.16559", "scoring_system": "epss", "scoring_elements": "0.95042", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.16559", "scoring_system": "epss", "scoring_elements": "0.95043", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.16559", "scoring_system": "epss", "scoring_elements": "0.95045", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.16559", "scoring_system": "epss", "scoring_elements": "0.95049", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6445" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6445", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6445" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513", "reference_id": "919513", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513" }, { "reference_url": "https://dumpco.re/bugs/ntpsec-authed-npe", "reference_id": "CVE-2019-6445", "reference_type": "exploit", "scores": [], "url": "https://dumpco.re/bugs/ntpsec-authed-npe" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46177.py", "reference_id": "CVE-2019-6445", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46177.py" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/483711?format=api", "purl": "pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntpsec@1.1.3-r0%3Farch=aarch64&distroversion=v3.19&reponame=community" } ], "aliases": [ "CVE-2019-6445" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ee1h-ze96-5fbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95616?format=api", "vulnerability_id": "VCID-rchy-vjxq-u3ae", "summary": "An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.47167", "scoring_system": "epss", "scoring_elements": "0.97741", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.47167", "scoring_system": "epss", "scoring_elements": "0.97745", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.47167", "scoring_system": "epss", "scoring_elements": "0.97746", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.47167", "scoring_system": "epss", "scoring_elements": "0.97747", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6443" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513", "reference_id": "919513", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513" }, { "reference_url": "https://dumpco.re/bugs/ntpsec-oobread1", "reference_id": "CVE-2019-6443", "reference_type": "exploit", "scores": [], "url": "https://dumpco.re/bugs/ntpsec-oobread1" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46175.py", "reference_id": "CVE-2019-6443", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46175.py" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/483711?format=api", "purl": "pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntpsec@1.1.3-r0%3Farch=aarch64&distroversion=v3.19&reponame=community" } ], "aliases": [ "CVE-2019-6443" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rchy-vjxq-u3ae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95615?format=api", "vulnerability_id": "VCID-wnbm-4gk2-dfgh", "summary": "An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and yyerror in ntp_parser.y.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6442", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18025", "scoring_system": "epss", "scoring_elements": "0.95289", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.18025", "scoring_system": "epss", "scoring_elements": "0.95296", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.18025", "scoring_system": "epss", "scoring_elements": "0.95298", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.18025", "scoring_system": "epss", "scoring_elements": "0.953", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.18025", "scoring_system": "epss", "scoring_elements": "0.95301", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.18025", "scoring_system": "epss", "scoring_elements": "0.95304", "published_at": "2026-06-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6442" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6442", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6442" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513", "reference_id": "919513", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919513" }, { "reference_url": "https://dumpco.re/bugs/ntpsec-authed-oobwrite", "reference_id": "CVE-2019-6442", "reference_type": "exploit", "scores": [], "url": "https://dumpco.re/bugs/ntpsec-authed-oobwrite" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46178.py", "reference_id": "CVE-2019-6442", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/46178.py" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/483711?format=api", "purl": "pkg:apk/alpine/ntpsec@1.1.3-r0?arch=aarch64&distroversion=v3.19&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntpsec@1.1.3-r0%3Farch=aarch64&distroversion=v3.19&reponame=community" } ], "aliases": [ "CVE-2019-6442" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wnbm-4gk2-dfgh" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ntpsec@1.1.3-r0%3Farch=aarch64&distroversion=v3.19&reponame=community" }