GET

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/6979?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6979?format=api",
    "vulnerability_id": "VCID-tjhj-1wc7-rych",
    "summary": "denial of service",
    "aliases": [
        {
            "alias": "CVE-2021-4044"
        }
    ],
    "fixed_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/59828?format=api",
            "purl": "pkg:conan/openssl@1.0.2s",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-w1qj-n768-hbar"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/openssl@1.0.2s"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/59829?format=api",
            "purl": "pkg:conan/openssl@3.0.1",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/openssl@3.0.1"
        }
    ],
    "affected_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/2272?format=api",
            "purl": "pkg:alpm/archlinux/openssl@1.1.1.l-1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-tjhj-1wc7-rych"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/openssl@1.1.1.l-1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/59826?format=api",
            "purl": "pkg:conan/openssl@1.1.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-nqu1-ffyz-wubt"
                },
                {
                    "vulnerability": "VCID-tjhj-1wc7-rych"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/openssl@1.1.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/59827?format=api",
            "purl": "pkg:conan/openssl@3.0.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-1hgm-58xg-r7bt"
                },
                {
                    "vulnerability": "VCID-1yjs-f4gq-h7ht"
                },
                {
                    "vulnerability": "VCID-3g6n-ujyv-jub3"
                },
                {
                    "vulnerability": "VCID-5a2a-trbk-fkfg"
                },
                {
                    "vulnerability": "VCID-5rhg-tvzd-h7es"
                },
                {
                    "vulnerability": "VCID-86j5-ag2t-2qhj"
                },
                {
                    "vulnerability": "VCID-8q7w-7je3-zkgt"
                },
                {
                    "vulnerability": "VCID-97cm-wmq1-gkfd"
                },
                {
                    "vulnerability": "VCID-as38-bfar-q3hh"
                },
                {
                    "vulnerability": "VCID-erdm-7pfg-e7hc"
                },
                {
                    "vulnerability": "VCID-f2np-fk61-nbh1"
                },
                {
                    "vulnerability": "VCID-gj2m-z5b6-6yf2"
                },
                {
                    "vulnerability": "VCID-ju5y-bakm-mqd8"
                },
                {
                    "vulnerability": "VCID-m7sy-6spe-6yau"
                },
                {
                    "vulnerability": "VCID-mm8w-472m-puea"
                },
                {
                    "vulnerability": "VCID-mnkq-e45g-fyfw"
                },
                {
                    "vulnerability": "VCID-nqu1-ffyz-wubt"
                },
                {
                    "vulnerability": "VCID-nx5k-32hq-yuh4"
                },
                {
                    "vulnerability": "VCID-s6rb-rb8j-yfc6"
                },
                {
                    "vulnerability": "VCID-sd2f-6nk6-dua6"
                },
                {
                    "vulnerability": "VCID-se2f-3x6g-7uc6"
                },
                {
                    "vulnerability": "VCID-taas-512g-jfdw"
                },
                {
                    "vulnerability": "VCID-tjhj-1wc7-rych"
                },
                {
                    "vulnerability": "VCID-ts7c-u8g2-rqa4"
                },
                {
                    "vulnerability": "VCID-vyxk-cz2r-ffgf"
                },
                {
                    "vulnerability": "VCID-w1qj-n768-hbar"
                },
                {
                    "vulnerability": "VCID-yhn2-ctzh-ducy"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/openssl@3.0.0"
        }
    ],
    "references": [
        {
            "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=758754966791c537ea95241438454aa86f91f256",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=758754966791c537ea95241438454aa86f91f256"
        },
        {
            "reference_url": "https://www.openssl.org/news/secadv/20211214.txt",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://www.openssl.org/news/secadv/20211214.txt"
        },
        {
            "reference_url": "https://security.archlinux.org/AVG-2641",
            "reference_id": "AVG-2641",
            "reference_type": "",
            "scores": [
                {
                    "value": "Medium",
                    "scoring_system": "archlinux",
                    "scoring_elements": ""
                }
            ],
            "url": "https://security.archlinux.org/AVG-2641"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4044",
            "reference_id": "CVE-2021-4044",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4044"
        }
    ],
    "weaknesses": [
        {
            "cwe_id": 1035,
            "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities",
            "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."
        },
        {
            "cwe_id": 835,
            "name": "Loop with Unreachable Exit Condition ('Infinite Loop')",
            "description": "The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop."
        },
        {
            "cwe_id": 937,
            "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities",
            "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."
        }
    ],
    "exploits": [],
    "severity_range_score": "4.0 - 6.9",
    "exploitability": null,
    "weighted_severity": null,
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tjhj-1wc7-rych"
}