Lookup Repos for an RPM

I have a requirement to match rpm's with errata (CVE's). I can get the list of errata from a repo

GET /katello/api/repositories/:repository_id/errata?repository_id=:id

Which is good. But each errata record lists ALL of the RPM's that are affected by the package. Whether they're in the repo or not. That includes el6 and el7 RPM's even of the repo is el6 only (e.g. The RHEL-6 server repo)

So I need to filter out the RPM's that aren't included in the repo I'm pulling the errata for.. That looks easy, but with the number of errata and packages, it soon adds up to being quite slow...

Caching lookups helps, but that soon degenerates into being no better than doing a (Potentially huge) query of just pulling all the RPM's in the repo before pulling the errata and doing a cross-match.. I'd like to avoid that (Possibly I won't be able to, but it's worth trying before I brute force it - this is more important when I'm just pulling the errata for the last week, rather than all the errata for a repo).

So the important question... Is it possible to get info for a single package that lists ALL of the repos it belongs to? All of the package queries I've tried don't list any of the repos... is there a better way to find which repos a package is in than looking it up in every repo?