Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/146265?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/146265?format=api", "purl": "pkg:npm/vditor@3.8.11", "type": "npm", "namespace": "", "name": "vditor", "version": "3.8.11", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "3.8.13", "latest_non_vulnerable_version": "3.10.4", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42647?format=api", "vulnerability_id": "VCID-bvq3-s9r6-dkdv", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.12.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33963", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34048", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.3408", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34065", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0341" }, { "reference_url": "https://github.com/vanessa219/vditor", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vanessa219/vditor" }, { "reference_url": "https://github.com/vanessa219/vditor/commit/219f8a9e272aba3cbc0096a82cac776532dbb9e5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vanessa219/vditor/commit/219f8a9e272aba3cbc0096a82cac776532dbb9e5" }, { "reference_url": "https://github.com/Vanessa219/vditor/issues/1102", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Vanessa219/vditor/issues/1102" }, { "reference_url": "https://huntr.dev/bounties/fa546b57-bc15-4705-824e-9474b616f628", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/fa546b57-bc15-4705-824e-9474b616f628" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0341", "reference_id": "CVE-2022-0341", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0341" }, { "reference_url": "https://github.com/advisories/GHSA-pq37-4c4g-v38c", "reference_id": "GHSA-pq37-4c4g-v38c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pq37-4c4g-v38c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60966?format=api", "purl": "pkg:npm/vditor@3.8.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dnkm-ry7a-6kam" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/vditor@3.8.12" } ], "aliases": [ "CVE-2022-0341", "GHSA-pq37-4c4g-v38c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvq3-s9r6-dkdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42813?format=api", "vulnerability_id": "VCID-dnkm-ry7a-6kam", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.13.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0350", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36389", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.3635", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36287", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.3638", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0350" }, { "reference_url": "https://github.com/vanessa219/vditor", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vanessa219/vditor" }, { "reference_url": "https://github.com/vanessa219/vditor/commit/e912e36ea98251d700499b1ac7702708d3398476", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vanessa219/vditor/commit/e912e36ea98251d700499b1ac7702708d3398476" }, { "reference_url": "https://huntr.dev/bounties/8202aa06-4b49-45ff-aa0f-00982f62005c", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/8202aa06-4b49-45ff-aa0f-00982f62005c" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0350", "reference_id": "CVE-2022-0350", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0350" }, { "reference_url": "https://github.com/advisories/GHSA-689x-x68p-fph3", "reference_id": "GHSA-689x-x68p-fph3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-689x-x68p-fph3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/61182?format=api", "purl": "pkg:npm/vditor@3.8.13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/vditor@3.8.13" } ], "aliases": [ "CVE-2022-0350", "GHSA-689x-x68p-fph3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnkm-ry7a-6kam" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42647?format=api", "vulnerability_id": "VCID-bvq3-s9r6-dkdv", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.12.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33963", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34048", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.3408", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34065", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0341" }, { "reference_url": "https://github.com/vanessa219/vditor", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vanessa219/vditor" }, { "reference_url": "https://github.com/vanessa219/vditor/commit/219f8a9e272aba3cbc0096a82cac776532dbb9e5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vanessa219/vditor/commit/219f8a9e272aba3cbc0096a82cac776532dbb9e5" }, { "reference_url": "https://github.com/Vanessa219/vditor/issues/1102", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Vanessa219/vditor/issues/1102" }, { "reference_url": "https://huntr.dev/bounties/fa546b57-bc15-4705-824e-9474b616f628", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/fa546b57-bc15-4705-824e-9474b616f628" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0341", "reference_id": "CVE-2022-0341", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0341" }, { "reference_url": "https://github.com/advisories/GHSA-pq37-4c4g-v38c", "reference_id": "GHSA-pq37-4c4g-v38c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pq37-4c4g-v38c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/146265?format=api", "purl": "pkg:npm/vditor@3.8.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bvq3-s9r6-dkdv" }, { "vulnerability": "VCID-dnkm-ry7a-6kam" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/vditor@3.8.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/60966?format=api", "purl": "pkg:npm/vditor@3.8.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dnkm-ry7a-6kam" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/vditor@3.8.12" } ], "aliases": [ "CVE-2022-0341", "GHSA-pq37-4c4g-v38c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvq3-s9r6-dkdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42170?format=api", "vulnerability_id": "VCID-uh57-j7t7-wueh", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vdit", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4103", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42771", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42833", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42856", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42845", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4103" }, { "reference_url": "https://github.com/vanessa219/vditor", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vanessa219/vditor" }, { "reference_url": "https://github.com/vanessa219/vditor/commit/8d4d0889dd72b2f839e93a49db3da3a370416c7d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/vanessa219/vditor/commit/8d4d0889dd72b2f839e93a49db3da3a370416c7d" }, { "reference_url": "https://github.com/Vanessa219/vditor/issues/1133", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Vanessa219/vditor/issues/1133" }, { "reference_url": "https://huntr.dev/bounties/67b980af-7357-4879-9448-a926c6474225", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/67b980af-7357-4879-9448-a926c6474225" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4103", "reference_id": "CVE-2021-4103", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4103" }, { "reference_url": "https://github.com/advisories/GHSA-cxm3-v4mv-6mh8", "reference_id": "GHSA-cxm3-v4mv-6mh8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cxm3-v4mv-6mh8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60262?format=api", "purl": "pkg:npm/vditor@1.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-a4ch-e314-wfc8" }, { "vulnerability": "VCID-bvq3-s9r6-dkdv" }, { "vulnerability": "VCID-dnkm-ry7a-6kam" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/vditor@1.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/146265?format=api", "purl": "pkg:npm/vditor@3.8.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-bvq3-s9r6-dkdv" }, { "vulnerability": "VCID-dnkm-ry7a-6kam" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/vditor@3.8.11" } ], "aliases": [ "CVE-2021-4103", "GHSA-cxm3-v4mv-6mh8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uh57-j7t7-wueh" } ], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/vditor@3.8.11" }