Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:npm/ids-enterprise@4.12.0-dev.20180929

Type npm

Namespace

Name ids-enterprise

Version 4.12.0-dev.20180929

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 4.18.2

Latest_non_vulnerable_version 4.18.2

Affected_by_vulnerabilities

url VCID-69uc-s3sx-g7d7

vulnerability_id VCID-69uc-s3sx-g7d7

summary Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ids-enterprise.

references

reference_url

https://github.com/infor-design/enterprise/commit/ce7b335bb614a6720867abf5b8eb351deb13aed1

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/infor-design/enterprise/commit/ce7b335bb614a6720867abf5b8eb351deb13aed1

reference_url

https://github.com/infor-design/enterprise-ng/issues/502

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/infor-design/enterprise-ng/issues/502

reference_url

https://www.npmjs.com/advisories/955

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.npmjs.com/advisories/955

reference_url

https://github.com/advisories/GHSA-crfx-5phg-hmw9

reference_id

GHSA-crfx-5phg-hmw9

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-crfx-5phg-hmw9

fixed_packages

url	pkg:npm/ids-enterprise@4.18.2
purl	pkg:npm/ids-enterprise@4.18.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:npm/ids-enterprise@4.18.2

aliases GHSA-crfx-5phg-hmw9, GMS-2019-32

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-69uc-s3sx-g7d7

url VCID-c44q-mufk-fffs

vulnerability_id VCID-c44q-mufk-fffs

summary Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ids-enterprise.

references

reference_url

https://github.com/infor-design/enterprise/commit/6bd74d8f38c268b22f31e8169316e065e0093362

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/infor-design/enterprise/commit/6bd74d8f38c268b22f31e8169316e065e0093362

reference_url

https://github.com/infor-design/enterprise-ng/issues/503

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/infor-design/enterprise-ng/issues/503

reference_url

https://www.npmjs.com/advisories/956

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.npmjs.com/advisories/956

reference_url

https://github.com/advisories/GHSA-49r3-3h96-rwj6

reference_id

GHSA-49r3-3h96-rwj6

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-49r3-3h96-rwj6

fixed_packages

url	pkg:npm/ids-enterprise@4.18.2
purl	pkg:npm/ids-enterprise@4.18.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:npm/ids-enterprise@4.18.2

aliases GHSA-49r3-3h96-rwj6, GMS-2019-31

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c44q-mufk-fffs

url VCID-fuay-qvtm-q3es

vulnerability_id VCID-fuay-qvtm-q3es

summary Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in ids-enterprise.

references

reference_url

https://github.com/infor-design/enterprise/commit/9b57aaa0321bf2e5baa6c4c5c1eb3b8312e215c4

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/infor-design/enterprise/commit/9b57aaa0321bf2e5baa6c4c5c1eb3b8312e215c4

reference_url

https://github.com/infor-design/enterprise-ng/issues/511

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/infor-design/enterprise-ng/issues/511

reference_url

https://www.npmjs.com/advisories/957

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.npmjs.com/advisories/957

reference_url

https://github.com/advisories/GHSA-hpfq-8wx8-cgqw

reference_id

GHSA-hpfq-8wx8-cgqw

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hpfq-8wx8-cgqw

fixed_packages

url	pkg:npm/ids-enterprise@4.18.2
purl	pkg:npm/ids-enterprise@4.18.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:npm/ids-enterprise@4.18.2

aliases GHSA-hpfq-8wx8-cgqw, GMS-2019-33

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fuay-qvtm-q3es

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:npm/ids-enterprise@4.12.0-dev.20180929

Package Instance