Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/924694?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/924694?format=api", "purl": "pkg:deb/debian/gv@1:3.5.8-27?distro=trixie", "type": "deb", "namespace": "debian", "name": "gv", "version": "1:3.5.8-27", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1:3.6.1-1", "latest_non_vulnerable_version": "1:3.7.4-3.2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91055?format=api", "vulnerability_id": "VCID-2ej9-sjne-9ycq", "summary": "gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1569", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85291", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85303", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85322", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85323", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85345", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85353", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85367", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85365", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85362", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85381", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85382", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85379", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85402", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85411", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85409", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85424", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85449", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85466", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85463", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85475", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.02509", "scoring_system": "epss", "scoring_elements": "0.85513", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1569" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1569", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1569" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/924694?format=api", "purl": "pkg:deb/debian/gv@1:3.5.8-27?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gv@1:3.5.8-27%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924693?format=api", "purl": "pkg:deb/debian/gv@1:3.7.4-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gv@1:3.7.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924696?format=api", "purl": "pkg:deb/debian/gv@1:3.7.4-3.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gv@1:3.7.4-3.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924695?format=api", "purl": "pkg:deb/debian/gv@1:3.7.4-3.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gv@1:3.7.4-3.2%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-1569" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ej9-sjne-9ycq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/89840?format=api", "vulnerability_id": "VCID-wkcq-2876-jbd4", "summary": "security flaw", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0838.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0838.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0838", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.8899", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.88998", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89013", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89016", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89034", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89039", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89051", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89046", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89044", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89058", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89057", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89053", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89071", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89078", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89081", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89088", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89103", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89114", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.8911", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.8912", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.04433", "scoring_system": "epss", "scoring_elements": "0.89136", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-0838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0838" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616821", "reference_id": "1616821", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616821" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/21871.c", "reference_id": "CVE-2002-0838;OSVDB-8649", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/21871.c" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/21872.c", "reference_id": "CVE-2002-0838;OSVDB-8649", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/21872.c" }, { "reference_url": "https://www.securityfocus.com/bid/5808/info", "reference_id": "CVE-2002-0838;OSVDB-8649", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/5808/info" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2002:207", "reference_id": "RHSA-2002:207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2002:207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2002:211", "reference_id": "RHSA-2002:211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2002:211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2002:212", "reference_id": "RHSA-2002:212", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2002:212" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2002:220", "reference_id": "RHSA-2002:220", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2002:220" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/924694?format=api", "purl": "pkg:deb/debian/gv@1:3.5.8-27?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gv@1:3.5.8-27%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924693?format=api", "purl": "pkg:deb/debian/gv@1:3.7.4-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gv@1:3.7.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924696?format=api", "purl": "pkg:deb/debian/gv@1:3.7.4-3.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gv@1:3.7.4-3.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924695?format=api", "purl": "pkg:deb/debian/gv@1:3.7.4-3.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gv@1:3.7.4-3.2%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-0838" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wkcq-2876-jbd4" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/gv@1:3.5.8-27%3Fdistro=trixie" }