Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/936201?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/936201?format=api", "purl": "pkg:deb/debian/pypy3@7.3.16%2Bdfsg-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "pypy3", "version": "7.3.16+dfsg-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "7.3.17+dfsg-3", "latest_non_vulnerable_version": "7.3.22+dfsg-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42644?format=api", "vulnerability_id": "VCID-js5p-py72-2kga", "summary": "Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0450.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0450.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35093", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35411", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35409", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35384", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35338", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35454", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35429", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.34968", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.349", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.34874", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.3497", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.34933", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.34861", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.34983", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35072", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35328", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.3538", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35392", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35352", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35374", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0450" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070133", "reference_id": "1070133", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070133" }, { "reference_url": "https://github.com/python/cpython/issues/109858", "reference_id": "109858", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/issues/109858" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276525", "reference_id": "2276525", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276525" }, { "reference_url": "https://github.com/python/cpython/commit/30fe5d853b56138dbec62432d370a1f99409fc85", "reference_id": "30fe5d853b56138dbec62432d370a1f99409fc85", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/30fe5d853b56138dbec62432d370a1f99409fc85" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/20/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/20/5" }, { "reference_url": "https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba", "reference_id": "66363b9a7b9fe7c99eba3a185b74c5fdbf842eba", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba" }, { "reference_url": "https://github.com/python/cpython/commit/70497218351ba44bffc8b571201ecb5652d84675", "reference_id": "70497218351ba44bffc8b571201ecb5652d84675", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/70497218351ba44bffc8b571201ecb5652d84675" }, { "reference_url": "https://github.com/python/cpython/commit/a2c59992e9e8d35baba9695eb186ad6c6ff85c51", "reference_id": "a2c59992e9e8d35baba9695eb186ad6c6ff85c51", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/a2c59992e9e8d35baba9695eb186ad6c6ff85c51" }, { "reference_url": "https://github.com/python/cpython/commit/a956e510f6336d5ae111ba429a61c3ade30a7549", "reference_id": "a956e510f6336d5ae111ba429a61c3ade30a7549", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/a956e510f6336d5ae111ba429a61c3ade30a7549" }, { "reference_url": "https://github.com/python/cpython/commit/d05bac0b74153beb541b88b4fca33bf053990183", "reference_id": "d05bac0b74153beb541b88b4fca33bf053990183", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/d05bac0b74153beb541b88b4fca33bf053990183" }, { "reference_url": "https://github.com/python/cpython/commit/fa181fcf2156f703347b03a3b1966ce47be8ab3b", "reference_id": "fa181fcf2156f703347b03a3b1966ce47be8ab3b", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://github.com/python/cpython/commit/fa181fcf2156f703347b03a3b1966ce47be8ab3b" }, { "reference_url": "https://security.gentoo.org/glsa/202405-01", "reference_id": "GLSA-202405-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-01" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00024.html", "reference_id": "msg00024.html", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html", "reference_id": "msg00025.html", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3347", "reference_id": "RHSA-2024:3347", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3391", "reference_id": "RHSA-2024:3391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3466", "reference_id": "RHSA-2024:3466", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3466" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4058", "reference_id": "RHSA-2024:4058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4078", "reference_id": "RHSA-2024:4078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4243", "reference_id": "RHSA-2024:4243", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4243" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4406", "reference_id": "RHSA-2024:4406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9190", "reference_id": "RHSA-2024:9190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9192", "reference_id": "RHSA-2024:9192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9192" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/", "reference_id": "T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3IGRX54M7RNCQOXVQO5KQKTGWCOABIM/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/", "reference_id": "U5VHWS52HGD743C47UMCSAK2A773M2YE", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5VHWS52HGD743C47UMCSAK2A773M2YE/" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" }, { "reference_url": "https://usn.ubuntu.com/7212-1/", "reference_id": "USN-7212-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7212-1/" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG/", "reference_id": "XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG/" }, { "reference_url": "https://www.bamsoftware.com/hacks/zipbomb/", "reference_id": "zipbomb", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-20T14:30:38Z/" } ], "url": "https://www.bamsoftware.com/hacks/zipbomb/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936179?format=api", "purl": "pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-tk56-8khn" }, { "vulnerability": "VCID-1pr1-jkqa-43g6" }, { "vulnerability": "VCID-1uk5-6yqb-dyb5" }, { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-8b19-pezx-6bcd" }, { "vulnerability": "VCID-8hug-fhhb-sbgt" }, { "vulnerability": "VCID-94n7-6q4s-3udv" }, { "vulnerability": "VCID-a2st-585f-uucu" }, { "vulnerability": "VCID-a8mv-mr3q-vygz" }, { "vulnerability": "VCID-bn83-d2qp-9bfy" }, { "vulnerability": "VCID-bqp2-x383-xqfh" }, { "vulnerability": "VCID-fcsb-dn49-47gy" }, { "vulnerability": "VCID-kn9b-2gxw-gqgx" }, { "vulnerability": "VCID-mtk7-qut6-syd8" }, { "vulnerability": "VCID-nqqc-u8d5-8qf6" }, { "vulnerability": "VCID-qwhz-912b-8kh5" }, { "vulnerability": "VCID-zh1r-7rzh-2bez" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936197?format=api", "purl": "pkg:deb/debian/pypy3@7.3.5%2Bdfsg-2%2Bdeb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.5%252Bdfsg-2%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936196?format=api", "purl": "pkg:deb/debian/pypy3@7.3.11%2Bdfsg-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.11%252Bdfsg-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936180?format=api", "purl": "pkg:deb/debian/pypy3@7.3.11%2Bdfsg-2%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-tk56-8khn" }, { "vulnerability": "VCID-1hw3-vhwb-nkcd" }, { "vulnerability": "VCID-1pr1-jkqa-43g6" }, { "vulnerability": "VCID-1uk5-6yqb-dyb5" }, { "vulnerability": "VCID-2v5u-2z4w-ffgx" }, { "vulnerability": "VCID-4afh-28ss-mudf" }, { "vulnerability": "VCID-757r-fs6p-qqdd" }, { "vulnerability": "VCID-7s7y-9bw5-m3ep" }, { "vulnerability": "VCID-8b19-pezx-6bcd" }, { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-8zdt-4q7m-t7ht" }, { "vulnerability": "VCID-94n7-6q4s-3udv" }, { "vulnerability": "VCID-9nvp-aus1-9yed" }, { "vulnerability": "VCID-9sms-mhht-n3aq" }, { "vulnerability": "VCID-a2st-585f-uucu" }, { "vulnerability": "VCID-bn83-d2qp-9bfy" }, { "vulnerability": "VCID-dnv8-yrd6-c7cv" }, { "vulnerability": "VCID-e6sb-bh7v-9ugg" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-fcsb-dn49-47gy" }, { "vulnerability": "VCID-kn9b-2gxw-gqgx" }, { "vulnerability": "VCID-mtk7-qut6-syd8" }, { "vulnerability": "VCID-nqqc-u8d5-8qf6" }, { "vulnerability": "VCID-q6g1-cjz3-77e4" }, { "vulnerability": "VCID-qwhz-912b-8kh5" }, { "vulnerability": "VCID-smck-sdx2-c7du" }, { "vulnerability": "VCID-v186-7sv1-ubej" }, { "vulnerability": "VCID-zh1r-7rzh-2bez" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.11%252Bdfsg-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936201?format=api", "purl": "pkg:deb/debian/pypy3@7.3.16%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.16%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936183?format=api", "purl": "pkg:deb/debian/pypy3@7.3.19%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-tk56-8khn" }, { "vulnerability": "VCID-1hw3-vhwb-nkcd" }, { "vulnerability": "VCID-1pr1-jkqa-43g6" }, { "vulnerability": "VCID-1uk5-6yqb-dyb5" }, { "vulnerability": "VCID-4afh-28ss-mudf" }, { "vulnerability": "VCID-757r-fs6p-qqdd" }, { "vulnerability": "VCID-8b19-pezx-6bcd" }, { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-8zdt-4q7m-t7ht" }, { "vulnerability": "VCID-94n7-6q4s-3udv" }, { "vulnerability": "VCID-a2st-585f-uucu" }, { "vulnerability": "VCID-bn83-d2qp-9bfy" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-fcsb-dn49-47gy" }, { "vulnerability": "VCID-kn9b-2gxw-gqgx" }, { "vulnerability": "VCID-mtk7-qut6-syd8" }, { "vulnerability": "VCID-nqqc-u8d5-8qf6" }, { "vulnerability": "VCID-q6g1-cjz3-77e4" }, { "vulnerability": "VCID-zh1r-7rzh-2bez" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.19%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936182?format=api", "purl": "pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-tk56-8khn" }, { "vulnerability": "VCID-1pr1-jkqa-43g6" }, { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-a2st-585f-uucu" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.21%252Bdfsg-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088725?format=api", "purl": "pkg:deb/debian/pypy3@7.3.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.22%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-0450" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-js5p-py72-2kga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75344?format=api", "vulnerability_id": "VCID-qwhz-912b-8kh5", "summary": "cpython: python: Memory race condition in ssl.SSLContext certificate store methods", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0397.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0397.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0397", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59798", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59729", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59702", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59744", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59685", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59638", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59675", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.5969", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.5967", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59701", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59717", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.5971", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59677", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59695", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59712", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59692", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59679", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59658", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00384", "scoring_system": "epss", "scoring_elements": "0.59633", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0397" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/python/cpython/commit/01c37f1d0714f5822d34063ca7180b595abf589d", "reference_id": "01c37f1d0714f5822d34063ca7180b595abf589d", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/commit/01c37f1d0714f5822d34063ca7180b595abf589d" }, { "reference_url": "https://github.com/python/cpython/issues/114572", "reference_id": "114572", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/issues/114572" }, { "reference_url": "https://github.com/python/cpython/pull/114573", "reference_id": "114573", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/pull/114573" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/06/17/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/06/17/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301891", "reference_id": "2301891", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301891" }, { "reference_url": "https://github.com/python/cpython/commit/29c97287d205bf2f410f4895ebce3f43b5160524", "reference_id": "29c97287d205bf2f410f4895ebce3f43b5160524", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/commit/29c97287d205bf2f410f4895ebce3f43b5160524" }, { "reference_url": "https://github.com/python/cpython/commit/37324b421b72b7bc9934e27aba85d48d4773002e", "reference_id": "37324b421b72b7bc9934e27aba85d48d4773002e", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/commit/37324b421b72b7bc9934e27aba85d48d4773002e" }, { "reference_url": "https://github.com/python/cpython/commit/542f3272f56f31ed04e74c40635a913fbc12d286", "reference_id": "542f3272f56f31ed04e74c40635a913fbc12d286", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/commit/542f3272f56f31ed04e74c40635a913fbc12d286" }, { "reference_url": "https://github.com/python/cpython/commit/b228655c227b2ca298a8ffac44d14ce3d22f6faa", "reference_id": "b228655c227b2ca298a8ffac44d14ce3d22f6faa", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/commit/b228655c227b2ca298a8ffac44d14ce3d22f6faa" }, { "reference_url": "https://github.com/python/cpython/commit/bce693111bff906ccf9281c22371331aaff766ab", "reference_id": "bce693111bff906ccf9281c22371331aaff766ab", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://github.com/python/cpython/commit/bce693111bff906ccf9281c22371331aaff766ab" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/", "reference_id": "BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T15:52:27Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/BMAK5BCGKYWNJOACVUSLUF6SFGBIM4VP/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10983", "reference_id": "RHSA-2024:10983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9190", "reference_id": "RHSA-2024:9190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9192", "reference_id": "RHSA-2024:9192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9192" }, { "reference_url": "https://usn.ubuntu.com/6928-1/", "reference_id": "USN-6928-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6928-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936201?format=api", "purl": "pkg:deb/debian/pypy3@7.3.16%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.16%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936183?format=api", "purl": "pkg:deb/debian/pypy3@7.3.19%2Bdfsg-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-tk56-8khn" }, { "vulnerability": "VCID-1hw3-vhwb-nkcd" }, { "vulnerability": "VCID-1pr1-jkqa-43g6" }, { "vulnerability": "VCID-1uk5-6yqb-dyb5" }, { "vulnerability": "VCID-4afh-28ss-mudf" }, { "vulnerability": "VCID-757r-fs6p-qqdd" }, { "vulnerability": "VCID-8b19-pezx-6bcd" }, { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-8zdt-4q7m-t7ht" }, { "vulnerability": "VCID-94n7-6q4s-3udv" }, { "vulnerability": "VCID-a2st-585f-uucu" }, { "vulnerability": "VCID-bn83-d2qp-9bfy" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-fcsb-dn49-47gy" }, { "vulnerability": "VCID-kn9b-2gxw-gqgx" }, { "vulnerability": "VCID-mtk7-qut6-syd8" }, { "vulnerability": "VCID-nqqc-u8d5-8qf6" }, { "vulnerability": "VCID-q6g1-cjz3-77e4" }, { "vulnerability": "VCID-zh1r-7rzh-2bez" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.19%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/936182?format=api", "purl": "pkg:deb/debian/pypy3@7.3.21%2Bdfsg-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11ed-tk56-8khn" }, { "vulnerability": "VCID-1pr1-jkqa-43g6" }, { "vulnerability": "VCID-8dtv-379a-wqfs" }, { "vulnerability": "VCID-a2st-585f-uucu" }, { "vulnerability": "VCID-emaw-jmek-9bcy" }, { "vulnerability": "VCID-znkr-fxtj-4uc7" }, { "vulnerability": "VCID-zxzn-25zt-ukct" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.21%252Bdfsg-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088725?format=api", "purl": "pkg:deb/debian/pypy3@7.3.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.22%252Bdfsg-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-0397" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qwhz-912b-8kh5" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pypy3@7.3.16%252Bdfsg-1%3Fdistro=trixie" }