Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/518159?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/518159?format=api", "purl": "pkg:deb/debian/aircrack-ng@1:1.0~rc1-2", "type": "deb", "namespace": "debian", "name": "aircrack-ng", "version": "1:1.0~rc1-2", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1:1.2-0~beta3-3~bpo70+1", "latest_non_vulnerable_version": "1:1.2-0~beta3-3~bpo70+1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58542?format=api", "vulnerability_id": "VCID-eujv-e9sm-8fbj", "summary": "network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8324", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07882", "scoring_system": "epss", "scoring_elements": "0.9216", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.07882", "scoring_system": "epss", "scoring_elements": "0.92173", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.07882", "scoring_system": "epss", "scoring_elements": "0.9217", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.07882", "scoring_system": "epss", "scoring_elements": "0.92169", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8324" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8324", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8324" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767979", "reference_id": "767979", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767979" }, { "reference_url": "https://security.gentoo.org/glsa/201411-08", "reference_id": "GLSA-201411-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201411-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/518160?format=api", "purl": "pkg:deb/debian/aircrack-ng@1:1.2-0~beta3-3~bpo70%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/aircrack-ng@1:1.2-0~beta3-3~bpo70%252B1" } ], "aliases": [ "CVE-2014-8324" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eujv-e9sm-8fbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58541?format=api", "vulnerability_id": "VCID-kf13-ube1-bqf9", "summary": "buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8323", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07882", "scoring_system": "epss", "scoring_elements": "0.9216", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.07882", "scoring_system": "epss", "scoring_elements": "0.92173", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.07882", "scoring_system": "epss", "scoring_elements": "0.9217", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.07882", "scoring_system": "epss", "scoring_elements": "0.92169", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8323" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8323", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8323" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767979", "reference_id": "767979", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767979" }, { "reference_url": "https://security.gentoo.org/glsa/201411-08", "reference_id": "GLSA-201411-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201411-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/518160?format=api", "purl": "pkg:deb/debian/aircrack-ng@1:1.2-0~beta3-3~bpo70%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/aircrack-ng@1:1.2-0~beta3-3~bpo70%252B1" } ], "aliases": [ "CVE-2014-8323" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kf13-ube1-bqf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58540?format=api", "vulnerability_id": "VCID-ng6k-7kyt-3khc", "summary": "Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8322", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.32211", "scoring_system": "epss", "scoring_elements": "0.96925", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.32211", "scoring_system": "epss", "scoring_elements": "0.9693", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.32211", "scoring_system": "epss", "scoring_elements": "0.96934", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.32211", "scoring_system": "epss", "scoring_elements": "0.96935", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8322" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8322", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8322" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767979", "reference_id": "767979", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767979" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35018.c", "reference_id": "CVE-2014-8322;OSVDB-114116", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35018.c" }, { "reference_url": "https://security.gentoo.org/glsa/201411-08", "reference_id": "GLSA-201411-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201411-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/518160?format=api", "purl": "pkg:deb/debian/aircrack-ng@1:1.2-0~beta3-3~bpo70%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/aircrack-ng@1:1.2-0~beta3-3~bpo70%252B1" } ], "aliases": [ "CVE-2014-8322" ], "risk_score": 0.6, "exploitability": "2.0", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ng6k-7kyt-3khc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58538?format=api", "vulnerability_id": "VCID-wdbg-taw6-dyev", "summary": "Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1159", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.26396", "scoring_system": "epss", "scoring_elements": "0.96416", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.26396", "scoring_system": "epss", "scoring_elements": "0.96421", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.26396", "scoring_system": "epss", "scoring_elements": "0.96425", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.26396", "scoring_system": "epss", "scoring_elements": "0.96426", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1159" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577758", "reference_id": "577758", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577758" }, { "reference_url": "https://security.gentoo.org/glsa/201310-06", "reference_id": "GLSA-201310-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-06" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/12217.py", "reference_id": "OSVDB-63314;CVE-2010-1159", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/12217.py" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/518160?format=api", "purl": "pkg:deb/debian/aircrack-ng@1:1.2-0~beta3-3~bpo70%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/aircrack-ng@1:1.2-0~beta3-3~bpo70%252B1" } ], "aliases": [ "CVE-2010-1159" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wdbg-taw6-dyev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58539?format=api", "vulnerability_id": "VCID-xr7g-3stp-aya3", "summary": "Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8321", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40826", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40903", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40908", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40877", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40846", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8321" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8321", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8321" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767979", "reference_id": "767979", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767979" }, { "reference_url": "https://security.gentoo.org/glsa/201411-08", "reference_id": "GLSA-201411-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201411-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/518160?format=api", "purl": "pkg:deb/debian/aircrack-ng@1:1.2-0~beta3-3~bpo70%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/aircrack-ng@1:1.2-0~beta3-3~bpo70%252B1" } ], "aliases": [ "CVE-2014-8321" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xr7g-3stp-aya3" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58537?format=api", "vulnerability_id": "VCID-a6qv-kapk-rbcg", "summary": "Stack-based buffer overflow in aircrack-ng airodump-ng 0.7 allows remote attackers to execute arbitrary code via crafted 802.11 authentication packets.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-2057", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.58712", "scoring_system": "epss", "scoring_elements": "0.98249", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.58712", "scoring_system": "epss", "scoring_elements": "0.98251", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.58712", "scoring_system": "epss", "scoring_elements": "0.98252", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-2057" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2057", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2057" }, { "reference_url": "https://security.gentoo.org/glsa/200704-16", "reference_id": "GLSA-200704-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200704-16" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/3724.c", "reference_id": "OSVDB-34931;CVE-2007-2057", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/3724.c" }, { "reference_url": "http://www.nop-art.net/advisories/airodump-ng.txt", "reference_id": "OSVDB-34931;CVE-2007-2057", "reference_type": "exploit", "scores": [], "url": "http://www.nop-art.net/advisories/airodump-ng.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/518159?format=api", "purl": "pkg:deb/debian/aircrack-ng@1:1.0~rc1-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-eujv-e9sm-8fbj" }, { "vulnerability": "VCID-kf13-ube1-bqf9" }, { "vulnerability": "VCID-ng6k-7kyt-3khc" }, { "vulnerability": "VCID-wdbg-taw6-dyev" }, { "vulnerability": "VCID-xr7g-3stp-aya3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/aircrack-ng@1:1.0~rc1-2" } ], "aliases": [ "CVE-2007-2057" ], "risk_score": 1.0, "exploitability": "2.0", "weighted_severity": "0.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a6qv-kapk-rbcg" } ], "risk_score": "0.6", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/aircrack-ng@1:1.0~rc1-2" }