Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/42638?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42638?format=api", "vulnerability_id": "VCID-s7qf-hjkq-wkdy", "summary": "Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.", "aliases": [ { "alias": "CVE-2023-6507" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/936924?format=api", "purl": "pkg:deb/debian/python2.7@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936923?format=api", "purl": "pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936960?format=api", "purl": "pkg:deb/debian/python3.11@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.11@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/936953?format=api", "purl": "pkg:deb/debian/python3.11@3.11.2-6%2Bdeb12u6?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.11@3.11.2-6%252Bdeb12u6%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/936985?format=api", "purl": "pkg:deb/debian/python3.9@0?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@0%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/936982?format=api", "purl": "pkg:deb/debian/python3.9@3.9.2-1?distro=bullseye", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/python3.9@3.9.2-1%3Fdistro=bullseye" }, { "url": "http://public2.vulnerablecode.io/api/packages/76104?format=api", "purl": "pkg:ebuild/dev-lang/python@3.8.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.8.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/76105?format=api", "purl": "pkg:ebuild/dev-lang/python@3.9.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.9.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/76106?format=api", "purl": "pkg:ebuild/dev-lang/python@3.10.14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.10.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/76107?format=api", "purl": "pkg:ebuild/dev-lang/python@3.11.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.11.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/76108?format=api", "purl": "pkg:ebuild/dev-lang/python@3.12.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/python@3.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/76109?format=api", "purl": "pkg:ebuild/dev-python/pypy3@3.8.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3@3.8.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/76110?format=api", "purl": "pkg:ebuild/dev-python/pypy3@3.9.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3@3.9.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/76111?format=api", "purl": "pkg:ebuild/dev-python/pypy3@3.10.14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3@3.10.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/76112?format=api", "purl": "pkg:ebuild/dev-python/pypy3@3.11.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3@3.11.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/76113?format=api", "purl": "pkg:ebuild/dev-python/pypy3@3.12.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3@3.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/76114?format=api", "purl": "pkg:ebuild/dev-python/pypy3@7.3.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3@7.3.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/76115?format=api", "purl": "pkg:ebuild/dev-python/pypy3_10@3.8.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_10@3.8.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/76116?format=api", "purl": "pkg:ebuild/dev-python/pypy3_10@3.9.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_10@3.9.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/76117?format=api", "purl": "pkg:ebuild/dev-python/pypy3_10@3.10.14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_10@3.10.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/76118?format=api", "purl": "pkg:ebuild/dev-python/pypy3_10@3.11.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_10@3.11.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/76119?format=api", "purl": "pkg:ebuild/dev-python/pypy3_10@3.12.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_10@3.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/76120?format=api", "purl": "pkg:ebuild/dev-python/pypy3_10@7.3.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_10@7.3.16" }, { "url": "http://public2.vulnerablecode.io/api/packages/76121?format=api", "purl": "pkg:ebuild/dev-python/pypy3_9@3.8.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_9@3.8.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/76122?format=api", "purl": "pkg:ebuild/dev-python/pypy3_9@3.9.19", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_9@3.9.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/76123?format=api", "purl": "pkg:ebuild/dev-python/pypy3_9@3.10.14", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_9@3.10.14" }, { "url": "http://public2.vulnerablecode.io/api/packages/76124?format=api", "purl": "pkg:ebuild/dev-python/pypy3_9@3.11.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_9@3.11.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/76125?format=api", "purl": "pkg:ebuild/dev-python/pypy3_9@3.12.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_9@3.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/76126?format=api", "purl": "pkg:ebuild/dev-python/pypy3_9@7.3.16", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-python/pypy3_9@7.3.16" } ], "affected_packages": [], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6507.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6507.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6507", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24093", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24209", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24197", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24174", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.2405", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24039", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.23997", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.23888", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.2397", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24038", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.23985", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24005", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24382", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24166", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24232", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24276", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24293", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24251", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24193", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27973", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6507" }, { "reference_url": "https://github.com/python/cpython/commit/10e9bb13b8dcaa414645b9bd10718d8f7179e82b", "reference_id": "10e9bb13b8dcaa414645b9bd10718d8f7179e82b", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/" } ], "url": "https://github.com/python/cpython/commit/10e9bb13b8dcaa414645b9bd10718d8f7179e82b" }, { "reference_url": "https://github.com/python/cpython/issues/112334", "reference_id": "112334", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/" } ], "url": "https://github.com/python/cpython/issues/112334" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293948", "reference_id": "2293948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293948" }, { "reference_url": "https://github.com/python/cpython/commit/85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06", "reference_id": "85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/" } ], "url": "https://github.com/python/cpython/commit/85bbfa8a4bbdbb61a3a84fbd7cb29a4096ab8a06" }, { "reference_url": "https://github.com/python/cpython/commit/9fe7655c6ce0b8e9adc229daf681b6d30e6b1610", "reference_id": "9fe7655c6ce0b8e9adc229daf681b6d30e6b1610", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/" } ], "url": "https://github.com/python/cpython/commit/9fe7655c6ce0b8e9adc229daf681b6d30e6b1610" }, { "reference_url": "https://mail.python.org/archives/list/security-announce@python.org/thread/AUL7QFHBLILGISS7U63B47AYSSGJJQZD/", "reference_id": "AUL7QFHBLILGISS7U63B47AYSSGJJQZD", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-31T20:16:20Z/" } ], "url": "https://mail.python.org/archives/list/security-announce@python.org/thread/AUL7QFHBLILGISS7U63B47AYSSGJJQZD/" }, { "reference_url": "https://security.gentoo.org/glsa/202405-01", "reference_id": "GLSA-202405-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-01" }, { "reference_url": "https://usn.ubuntu.com/6891-1/", "reference_id": "USN-6891-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6891-1/" } ], "weaknesses": [ { "cwe_id": 269, "name": "Improper Privilege Management", "description": "The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor." } ], "exploits": [], "severity_range_score": "6.1 - 6.1", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s7qf-hjkq-wkdy" }