Package Instance

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/202066?format=api",
    "purl": "pkg:composer/typo3/neos@1.2.10",
    "type": "composer",
    "namespace": "typo3",
    "name": "neos",
    "version": "1.2.10",
    "qualifiers": {},
    "subpath": "",
    "is_vulnerable": true,
    "next_non_vulnerable_version": "1.2.13",
    "latest_non_vulnerable_version": "4.3.3",
    "affected_by_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37958?format=api",
            "vulnerability_id": "VCID-eyk1-hqju-cfc2",
            "summary": "XSS Vulnerabilities\nNeos is vulnerable to several XSS attacks. Through these vulnerabilities, an attacker could tamper with page rendering, redirect victims to a fake login page, or capture user credentials (such as cookies). With the potential backdoor upload an attacker could gain access to the server itself, to an extent mainly limited by the server setup.",
            "references": [
                {
                    "reference_url": "https://www.neos.io/news/neos-sa-2015-002.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.neos.io/news/neos-sa-2015-002.html"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/52420?format=api",
                    "purl": "pkg:composer/typo3/neos@1.2.13",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@1.2.13"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/202069?format=api",
                    "purl": "pkg:composer/typo3/neos@2.0.0-RC1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@2.0.0-RC1"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/52421?format=api",
                    "purl": "pkg:composer/typo3/neos@2.0.4",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@2.0.4"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/202073?format=api",
                    "purl": "pkg:composer/typo3/neos@2.3.3",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@2.3.3"
                }
            ],
            "aliases": [
                "GMS-2015-46"
            ],
            "risk_score": null,
            "exploitability": "0.5",
            "weighted_severity": "0.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eyk1-hqju-cfc2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37954?format=api",
            "vulnerability_id": "VCID-kftp-w8kn-9ybx",
            "summary": "Cross-site Scripting\nXSS vulnerabilities in Neos.",
            "references": [
                {
                    "reference_url": "https://www.neos.io/news/neos-sa-2015-002.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.neos.io/news/neos-sa-2015-002.html"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/52420?format=api",
                    "purl": "pkg:composer/typo3/neos@1.2.13",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@1.2.13"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/202069?format=api",
                    "purl": "pkg:composer/typo3/neos@2.0.0-RC1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@2.0.0-RC1"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/52421?format=api",
                    "purl": "pkg:composer/typo3/neos@2.0.4",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@2.0.4"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/202073?format=api",
                    "purl": "pkg:composer/typo3/neos@2.3.3",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@2.3.3"
                }
            ],
            "aliases": [
                "GMS-2015-94"
            ],
            "risk_score": null,
            "exploitability": "0.5",
            "weighted_severity": "0.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kftp-w8kn-9ybx"
        }
    ],
    "fixing_vulnerabilities": [],
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/neos@1.2.10"
}