Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/404982?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/404982?format=api", "purl": "pkg:pypi/js.jquery-datatables@1.9.4-1", "type": "pypi", "namespace": "", "name": "js.jquery-datatables", "version": "1.9.4-1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/361635?format=api", "vulnerability_id": "VCID-6jkn-521p-8qfw", "summary": "XSS vulnerability\nBy exploiting a Cross-site scripting vulnerability, an attacker can hijack a user's session. This means that the malicious hacker can change the user's password and invalidate the session of the victim while the hacker maintains access.", "references": [ { "reference_url": "https://github.com/DataTables/DataTables/issues/602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/DataTables/DataTables/issues/602" }, { "reference_url": "https://github.com/DataTables/DataTablesSrc/commit/ccf86dc5982bd8e16d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/DataTables/DataTablesSrc/commit/ccf86dc5982bd8e16d" }, { "reference_url": "https://www.netsparker.com/cve-2015-6384-xss-vulnerability-identified-in-datatables/", "reference_id": "CVE-2015-6384-XSS-VULNERABILITY-IDENTIFIED-IN-DATATABLES", "reference_type": "", "scores": [], "url": "https://www.netsparker.com/cve-2015-6384-xss-vulnerability-identified-in-datatables/" } ], "fixed_packages": [], "aliases": [ "GMS-2015-26" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6jkn-521p-8qfw" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/js.jquery-datatables@1.9.4-1" }