Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/3541?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3541?format=api", "vulnerability_id": "VCID-z4t8-c8vc-ayhd", "summary": "Interactive installer downloads software over plain HTTP, then executes itmore details", "aliases": [ { "alias": "CVE-2016-7048" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/254?format=api", "purl": "pkg:generic/postgresql@9.1.24", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@9.1.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/253?format=api", "purl": "pkg:generic/postgresql@9.2.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@9.2.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/252?format=api", "purl": "pkg:generic/postgresql@9.3.15", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@9.3.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/251?format=api", "purl": "pkg:generic/postgresql@9.4.10", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@9.4.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/250?format=api", "purl": "pkg:generic/postgresql@9.5.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@9.5.5" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/249?format=api", "purl": "pkg:generic/postgresql@9.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qap-rdxz-4uer" }, { "vulnerability": "VCID-2nve-471m-17h6" }, { "vulnerability": "VCID-35a3-5eq3-8bep" }, { "vulnerability": "VCID-625c-amyd-dybm" }, { "vulnerability": "VCID-6mck-xykx-yuba" }, { "vulnerability": "VCID-7jb6-q4x1-cfbw" }, { "vulnerability": "VCID-811b-x31n-tfch" }, { "vulnerability": "VCID-8bu8-zpfv-8bgg" }, { "vulnerability": "VCID-8cbh-gwwy-n3eq" }, { "vulnerability": "VCID-8j4f-u2tq-1qev" }, { "vulnerability": "VCID-9b6v-1bt1-dfgy" }, { "vulnerability": "VCID-a3sh-4t1e-tbh4" }, { "vulnerability": "VCID-bdq4-br3j-7kb8" }, { "vulnerability": "VCID-bqag-mh3g-fqe7" }, { "vulnerability": "VCID-f976-dd3s-fuc8" }, { "vulnerability": "VCID-fd5z-bj21-m3a5" }, { "vulnerability": "VCID-g4tm-8zhw-a7hn" }, { "vulnerability": "VCID-k38h-5crc-u3hr" }, { "vulnerability": "VCID-kbgc-w2jw-auh8" }, { "vulnerability": "VCID-mebz-9qb7-5bd2" }, { "vulnerability": "VCID-n3ka-63rx-5fgk" }, { "vulnerability": "VCID-nz16-gzhk-h3c1" }, { "vulnerability": "VCID-pvxg-byvu-pbec" }, { "vulnerability": "VCID-quqr-bg9k-7yb5" }, { "vulnerability": "VCID-raqj-ezua-skeb" }, { "vulnerability": "VCID-reab-s9cu-yudn" }, { "vulnerability": "VCID-skb5-eeak-v7hz" }, { "vulnerability": "VCID-t864-ytjh-nyg1" }, { "vulnerability": "VCID-ux6m-dn6j-37dc" }, { "vulnerability": "VCID-w518-wkek-97ag" }, { "vulnerability": "VCID-z4t8-c8vc-ayhd" }, { "vulnerability": "VCID-zbj3-7xug-43f6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@9.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/237?format=api", "purl": "pkg:generic/postgresql@9.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qap-rdxz-4uer" }, { "vulnerability": "VCID-3qrq-rc38-13ep" }, { "vulnerability": "VCID-625c-amyd-dybm" }, { "vulnerability": "VCID-6mck-xykx-yuba" }, { "vulnerability": "VCID-723y-bsbd-6kfd" }, { "vulnerability": "VCID-8bu8-zpfv-8bgg" }, { "vulnerability": "VCID-8cbh-gwwy-n3eq" }, { "vulnerability": "VCID-8j4f-u2tq-1qev" }, { "vulnerability": "VCID-9b6v-1bt1-dfgy" }, { "vulnerability": "VCID-a3sh-4t1e-tbh4" }, { "vulnerability": "VCID-bqag-mh3g-fqe7" }, { "vulnerability": "VCID-csfh-831q-rqfv" }, { "vulnerability": "VCID-f976-dd3s-fuc8" }, { "vulnerability": "VCID-fd5z-bj21-m3a5" }, { "vulnerability": "VCID-g4tm-8zhw-a7hn" }, { "vulnerability": "VCID-k38h-5crc-u3hr" }, { "vulnerability": "VCID-kbgc-w2jw-auh8" }, { "vulnerability": "VCID-mebz-9qb7-5bd2" }, { "vulnerability": "VCID-n3ka-63rx-5fgk" }, { "vulnerability": "VCID-nz16-gzhk-h3c1" }, { "vulnerability": "VCID-pvxg-byvu-pbec" }, { "vulnerability": "VCID-qn5k-y64c-7ffc" }, { "vulnerability": "VCID-qnt9-qr7p-wkhy" }, { "vulnerability": "VCID-raqj-ezua-skeb" }, { "vulnerability": "VCID-reab-s9cu-yudn" }, { "vulnerability": "VCID-skb5-eeak-v7hz" }, { "vulnerability": "VCID-t864-ytjh-nyg1" }, { "vulnerability": "VCID-w518-wkek-97ag" }, { "vulnerability": "VCID-z4t8-c8vc-ayhd" }, { "vulnerability": "VCID-zbj3-7xug-43f6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@9.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/216?format=api", "purl": "pkg:generic/postgresql@9.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qap-rdxz-4uer" }, { "vulnerability": "VCID-3qrq-rc38-13ep" }, { "vulnerability": "VCID-45vk-2xsq-cffk" }, { "vulnerability": "VCID-625c-amyd-dybm" }, { "vulnerability": "VCID-723y-bsbd-6kfd" }, { "vulnerability": "VCID-7xfn-1fv3-1bgv" }, { "vulnerability": "VCID-8bu8-zpfv-8bgg" }, { "vulnerability": "VCID-8cbh-gwwy-n3eq" }, { "vulnerability": "VCID-8j4f-u2tq-1qev" }, { "vulnerability": "VCID-9b6v-1bt1-dfgy" }, { "vulnerability": "VCID-a3sh-4t1e-tbh4" }, { "vulnerability": "VCID-bqag-mh3g-fqe7" }, { "vulnerability": "VCID-csfh-831q-rqfv" }, { "vulnerability": "VCID-d362-bmcf-3kdz" }, { "vulnerability": "VCID-esps-vak5-bqcp" }, { "vulnerability": "VCID-f976-dd3s-fuc8" }, { "vulnerability": "VCID-fd5z-bj21-m3a5" }, { "vulnerability": "VCID-k38h-5crc-u3hr" }, { "vulnerability": "VCID-kbgc-w2jw-auh8" }, { "vulnerability": "VCID-mebz-9qb7-5bd2" }, { "vulnerability": "VCID-nz16-gzhk-h3c1" }, { "vulnerability": "VCID-pvxg-byvu-pbec" }, { "vulnerability": "VCID-qn5k-y64c-7ffc" }, { "vulnerability": "VCID-qnt9-qr7p-wkhy" }, { "vulnerability": "VCID-raqj-ezua-skeb" }, { "vulnerability": "VCID-reab-s9cu-yudn" }, { "vulnerability": "VCID-sq2s-cvrs-7uhh" }, { "vulnerability": "VCID-t864-ytjh-nyg1" }, { "vulnerability": "VCID-w518-wkek-97ag" }, { "vulnerability": "VCID-wcsh-zz5q-qqbf" }, { "vulnerability": "VCID-z4t8-c8vc-ayhd" }, { "vulnerability": "VCID-zbj3-7xug-43f6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@9.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/196?format=api", "purl": "pkg:generic/postgresql@9.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qap-rdxz-4uer" }, { "vulnerability": "VCID-3qrq-rc38-13ep" }, { "vulnerability": "VCID-45vk-2xsq-cffk" }, { "vulnerability": "VCID-625c-amyd-dybm" }, { "vulnerability": "VCID-723y-bsbd-6kfd" }, { "vulnerability": "VCID-7xfn-1fv3-1bgv" }, { "vulnerability": "VCID-8bu8-zpfv-8bgg" }, { "vulnerability": "VCID-9b6v-1bt1-dfgy" }, { "vulnerability": "VCID-a3sh-4t1e-tbh4" }, { "vulnerability": "VCID-bb5j-e9vw-mbd1" }, { "vulnerability": "VCID-bqag-mh3g-fqe7" }, { "vulnerability": "VCID-csfh-831q-rqfv" }, { "vulnerability": "VCID-d362-bmcf-3kdz" }, { "vulnerability": "VCID-esps-vak5-bqcp" }, { "vulnerability": "VCID-f976-dd3s-fuc8" }, { "vulnerability": "VCID-fd5z-bj21-m3a5" }, { "vulnerability": "VCID-k38h-5crc-u3hr" }, { "vulnerability": "VCID-mebz-9qb7-5bd2" }, { "vulnerability": "VCID-qn5k-y64c-7ffc" }, { "vulnerability": "VCID-qnt9-qr7p-wkhy" }, { "vulnerability": "VCID-raqj-ezua-skeb" }, { "vulnerability": "VCID-sq2s-cvrs-7uhh" }, { "vulnerability": "VCID-t864-ytjh-nyg1" }, { "vulnerability": "VCID-um7d-pzhb-n3c9" }, { "vulnerability": "VCID-wcsh-zz5q-qqbf" }, { "vulnerability": "VCID-z4t8-c8vc-ayhd" }, { "vulnerability": "VCID-zbj3-7xug-43f6" }, { "vulnerability": "VCID-zrcc-w98g-gfhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@9.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/197?format=api", "purl": "pkg:generic/postgresql@9.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-235z-6mm1-ryc1" }, { "vulnerability": "VCID-36gv-m96w-47db" }, { "vulnerability": "VCID-3qrq-rc38-13ep" }, { "vulnerability": "VCID-45vk-2xsq-cffk" }, { "vulnerability": "VCID-723y-bsbd-6kfd" }, { "vulnerability": "VCID-7xfn-1fv3-1bgv" }, { "vulnerability": "VCID-8bu8-zpfv-8bgg" }, { "vulnerability": "VCID-99q3-5g9b-xkc3" }, { "vulnerability": "VCID-9b6v-1bt1-dfgy" }, { "vulnerability": "VCID-bb5j-e9vw-mbd1" }, { "vulnerability": "VCID-bdw5-v87c-zyfj" }, { "vulnerability": "VCID-bq8t-8q8q-dkb6" }, { "vulnerability": "VCID-csfh-831q-rqfv" }, { "vulnerability": "VCID-d362-bmcf-3kdz" }, { "vulnerability": "VCID-ne9g-k8fz-dkgb" }, { "vulnerability": "VCID-pg5v-ux6b-3qdn" }, { "vulnerability": "VCID-qn5k-y64c-7ffc" }, { "vulnerability": "VCID-qnt9-qr7p-wkhy" }, { "vulnerability": "VCID-sq2s-cvrs-7uhh" }, { "vulnerability": "VCID-t864-ytjh-nyg1" }, { "vulnerability": "VCID-um7d-pzhb-n3c9" }, { "vulnerability": "VCID-umaz-62cm-bqfe" }, { "vulnerability": "VCID-wcsh-zz5q-qqbf" }, { "vulnerability": "VCID-xjv3-x91m-qqhn" }, { "vulnerability": "VCID-z4t8-c8vc-ayhd" }, { "vulnerability": "VCID-zrcc-w98g-gfhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:generic/postgresql@9.5.0" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7048.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7048.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7048", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93747", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93757", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93767", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.9377", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93779", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93782", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93786", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93787", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93809", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93814", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93816", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.9382", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93817", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93815", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93825", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93835", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.12058", "scoring_system": "epss", "scoring_elements": "0.93845", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7048" }, { "reference_url": "https://www.postgresql.org/about/news/postgresql-961-955-9410-9315-9219-and-9124-released-1712/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.postgresql.org/about/news/postgresql-961-955-9410-9315-9219-and-9124-released-1712/" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2016-7048/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H']" } ], "url": "https://www.postgresql.org/support/security/CVE-2016-7048/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378043", "reference_id": "1378043", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378043" } ], "weaknesses": [ { "cwe_id": 494, "name": "Download of Code Without Integrity Check", "description": "The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code." } ], "exploits": [], "severity_range_score": "7.5 - 7.5", "exploitability": "0.5", "weighted_severity": "6.8", "risk_score": 3.4, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z4t8-c8vc-ayhd" }