Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/11883?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11883?format=api", "vulnerability_id": "VCID-s3az-ywap-23gw", "summary": "Uncontrolled Resource Consumption\nNode.js allows remote attackers to cause a denial of service.", "aliases": [ { "alias": "CVE-2015-7384" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/199774?format=api", "purl": "pkg:deb/debian/nodejs@4.1.1~dfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@4.1.1~dfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/199766?format=api", "purl": "pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55x4-jptm-w7h9" }, { "vulnerability": "VCID-9td8-barr-bbgf" }, { "vulnerability": "VCID-b3us-7znz-n3ds" }, { "vulnerability": "VCID-pu59-pggp-3qdw" }, { "vulnerability": "VCID-yy2n-v7k5-mqas" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@12.22.12~dfsg-1~deb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/199764?format=api", "purl": "pkg:deb/debian/nodejs@18.20.4%2Bdfsg-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-55x4-jptm-w7h9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@18.20.4%252Bdfsg-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/199768?format=api", "purl": "pkg:deb/debian/nodejs@20.19.2%2Bdfsg-1%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@20.19.2%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/199767?format=api", "purl": "pkg:deb/debian/nodejs@24.15.0%2Bdfsg%2B~cs24.12.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/nodejs@24.15.0%252Bdfsg%252B~cs24.12.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/53581?format=api", "purl": "pkg:nuget/Node.js@4.1.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@4.1.2" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/106705?format=api", "purl": "pkg:nuget/Node.js@0.10.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/106706?format=api", "purl": "pkg:nuget/Node.js@0.10.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/106707?format=api", "purl": "pkg:nuget/Node.js@0.10.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/106708?format=api", "purl": "pkg:nuget/Node.js@0.10.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/106709?format=api", "purl": "pkg:nuget/Node.js@0.10.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/106710?format=api", "purl": "pkg:nuget/Node.js@0.10.26", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.26" }, { "url": "http://public2.vulnerablecode.io/api/packages/106711?format=api", "purl": "pkg:nuget/Node.js@0.10.26.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.26.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/106712?format=api", "purl": "pkg:nuget/Node.js@0.10.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/106713?format=api", "purl": "pkg:nuget/Node.js@0.10.28", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.28" }, { "url": "http://public2.vulnerablecode.io/api/packages/106714?format=api", "purl": "pkg:nuget/Node.js@0.10.29", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.29" }, { "url": "http://public2.vulnerablecode.io/api/packages/106715?format=api", "purl": "pkg:nuget/Node.js@0.10.30", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.30" }, { "url": "http://public2.vulnerablecode.io/api/packages/106716?format=api", "purl": "pkg:nuget/Node.js@0.10.31", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.31" }, { "url": "http://public2.vulnerablecode.io/api/packages/106717?format=api", "purl": "pkg:nuget/Node.js@0.10.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/106718?format=api", "purl": "pkg:nuget/Node.js@0.10.33", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.33" }, { "url": "http://public2.vulnerablecode.io/api/packages/106719?format=api", "purl": "pkg:nuget/Node.js@0.10.34", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.34" }, { "url": "http://public2.vulnerablecode.io/api/packages/106720?format=api", "purl": "pkg:nuget/Node.js@0.10.35", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.35" }, { "url": "http://public2.vulnerablecode.io/api/packages/106721?format=api", "purl": "pkg:nuget/Node.js@0.10.36", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.10.36" }, { "url": "http://public2.vulnerablecode.io/api/packages/106722?format=api", "purl": "pkg:nuget/Node.js@0.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/106723?format=api", "purl": "pkg:nuget/Node.js@0.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/106724?format=api", "purl": "pkg:nuget/Node.js@0.12.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.12.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/106725?format=api", "purl": "pkg:nuget/Node.js@0.12.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.12.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/106726?format=api", "purl": "pkg:nuget/Node.js@0.12.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.12.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/106727?format=api", "purl": "pkg:nuget/Node.js@0.12.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.12.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/106728?format=api", "purl": "pkg:nuget/Node.js@0.12.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.12.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/106729?format=api", "purl": "pkg:nuget/Node.js@0.12.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@0.12.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/106730?format=api", "purl": "pkg:nuget/Node.js@4.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@4.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/106731?format=api", "purl": "pkg:nuget/Node.js@4.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@4.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/106732?format=api", "purl": "pkg:nuget/Node.js@4.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s3az-ywap-23gw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:nuget/Node.js@4.1.1" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7384", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0085", "scoring_system": "epss", "scoring_elements": "0.752", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7384" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/nodejs/node/issues/3138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/nodejs/node/issues/3138" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800580", "reference_id": "800580", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800580" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7384", "reference_id": "CVE-2015-7384", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7384" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 400, "name": "Uncontrolled Resource Consumption", "description": "The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." } ], "exploits": [], "severity_range_score": "5.4 - 5.4", "exploitability": "0.5", "weighted_severity": "0.0", "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s3az-ywap-23gw" }