Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/433897?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/433897?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.2", "type": "composer", "namespace": "ezsystems", "name": "ezpublish-legacy", "version": "2018.06.1.2", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2019.03.6", "latest_non_vulnerable_version": "2019.03.6", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/362331?format=api", "vulnerability_id": "VCID-1n4y-a3m5-13ce", "summary": "EZSA-2018-009 Do not interpret PHP/PHAR uploads", "references": [ { "reference_url": "http://share.ez.no/community-project/security-advisories/ezsa-2018-009-do-not-interpret-php-phar-uploads", "reference_id": "", "reference_type": "", "scores": [], "url": "http://share.ez.no/community-project/security-advisories/ezsa-2018-009-do-not-interpret-php-phar-uploads" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433890?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-95mj-pnx2-gfh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/31345?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2019.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gvfu-agv3-g7cy" }, { "vulnerability": "VCID-mfrx-h2sj-x3fg" }, { "vulnerability": "VCID-yr2r-tgv2-gqd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.3.0" } ], "aliases": [ "GMS-2018-67" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1n4y-a3m5-13ce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/362328?format=api", "vulnerability_id": "VCID-8adf-j2sz-qke2", "summary": "EZSA-2018-006 XSS vulnerability in 'disabled module' error template", "references": [ { "reference_url": "http://share.ez.no/community-project/security-advisories/ezsa-2018-006-xss-vulnerability-in-disabled-module-error-template", "reference_id": "", "reference_type": "", "scores": [], "url": "http://share.ez.no/community-project/security-advisories/ezsa-2018-006-xss-vulnerability-in-disabled-module-error-template" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433890?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-95mj-pnx2-gfh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/31337?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/31345?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2019.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-gvfu-agv3-g7cy" }, { "vulnerability": "VCID-mfrx-h2sj-x3fg" }, { "vulnerability": "VCID-yr2r-tgv2-gqd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.3.0" } ], "aliases": [ "GMS-2018-66" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8adf-j2sz-qke2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/361174?format=api", "vulnerability_id": "VCID-95mj-pnx2-gfh6", "summary": "Content object state fetch functions open to SQL injection\n### Impact\nThis Security Update is about a vulnerability in eZ Publish Legacy. The content object state code could be vulnerable to SQL injection. There is no known exploit, but one might be possible. If you use Legacy in any way, we strongly recommend that you install this update as soon as possible.\n\n### Patches\nThe fix is distributed via Composer, see \"Patched versions\".", "references": [ { "reference_url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2021-005-content-object-state-fetch-functions-open-to-sql-injection", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2021-005-content-object-state-fetch-functions-open-to-sql-injection" }, { "reference_url": "https://github.com/ezsystems/ezpublish-legacy", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ezsystems/ezpublish-legacy" }, { "reference_url": "https://github.com/ezsystems/ezpublish-legacy/commit/f8e3a97afd92efb9148134a4bacb35a875777a42", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ezsystems/ezpublish-legacy/commit/f8e3a97afd92efb9148134a4bacb35a875777a42" }, { "reference_url": "https://github.com/ezsystems/ezpublish-legacy/security/advisories/GHSA-jpwx-ffjq-wr4w", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ezsystems/ezpublish-legacy/security/advisories/GHSA-jpwx-ffjq-wr4w" }, { "reference_url": "https://github.com/advisories/GHSA-jpwx-ffjq-wr4w", "reference_id": "GHSA-jpwx-ffjq-wr4w", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jpwx-ffjq-wr4w" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/515391?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2019.03.6", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.03.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/382663?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2019.3.6%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.3.6%252B1" } ], "aliases": [ "GHSA-jpwx-ffjq-wr4w", "GMS-2021-112" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-95mj-pnx2-gfh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/211838?format=api", "vulnerability_id": "VCID-cqdb-wk9t-9ubg", "summary": "Ez Platform and Legacy are prone to an insecure interpretation of PHP/PHAR uploads", "references": [ { "reference_url": "https://github.com/ezsystems/ezplatform/commit/9a0c52dc4535e4b3ce379f80222dc53f705a2cfd", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ezsystems/ezplatform/commit/9a0c52dc4535e4b3ce379f80222dc53f705a2cfd" }, { "reference_url": "https://github.com/ezsystems/ezpublish-legacy", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ezsystems/ezpublish-legacy" }, { "reference_url": "https://github.com/ezsystems/ezpublish-legacy/commit/d21957bf202b091ab39dfb5be300f6c30be3933e", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ezsystems/ezpublish-legacy/commit/d21957bf202b091ab39dfb5be300f6c30be3933e" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/ezsystems/ezpublish-legacy/2018-11-21-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/ezsystems/ezpublish-legacy/2018-11-21-1.yaml" }, { "reference_url": "http://share.ez.no/community-project/security-advisories/ezsa-2018-009-do-not-interpret-php-phar-uploads", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://share.ez.no/community-project/security-advisories/ezsa-2018-009-do-not-interpret-php-phar-uploads" }, { "reference_url": "https://web.archive.org/web/20210614192208/https://share.ez.no/community-project/security-advisories/ezsa-2018-009-do-not-interpret-php-phar-uploads", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210614192208/https://share.ez.no/community-project/security-advisories/ezsa-2018-009-do-not-interpret-php-phar-uploads" }, { "reference_url": "https://github.com/advisories/GHSA-pqjm-xcp8-wgmm", "reference_id": "GHSA-pqjm-xcp8-wgmm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pqjm-xcp8-wgmm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/433890?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-95mj-pnx2-gfh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/31337?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/515384?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.09.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-95mj-pnx2-gfh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.09.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/31340?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.9.1%2B3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.9.1%252B3" } ], "aliases": [ "GHSA-pqjm-xcp8-wgmm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cqdb-wk9t-9ubg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/211836?format=api", "vulnerability_id": "VCID-k8yx-97wb-r7af", "summary": "eZ Publish Legacy Cross-site Scripting (XSS) in 'disabled module' error template", "references": [ { "reference_url": "https://github.com/ezsystems/ezpublish-legacy", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ezsystems/ezpublish-legacy" }, { "reference_url": "https://github.com/ezsystems/ezpublish-legacy/commit/4697bff700e8cf95d5847ea19dad3479a77b02d9", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ezsystems/ezpublish-legacy/commit/4697bff700e8cf95d5847ea19dad3479a77b02d9" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/ezsystems/ezpublish-legacy/2018-11-01-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/ezsystems/ezpublish-legacy/2018-11-01-1.yaml" }, { "reference_url": "http://share.ez.no/community-project/security-advisories/ezsa-2018-006-xss-vulnerability-in-disabled-module-error-template", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://share.ez.no/community-project/security-advisories/ezsa-2018-006-xss-vulnerability-in-disabled-module-error-template" }, { "reference_url": "https://web.archive.org/web/20210614172734/http://share.ez.no/community-project/security-advisories/ezsa-2018-006-xss-vulnerability-in-disabled-module-error-template", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210614172734/http://share.ez.no/community-project/security-advisories/ezsa-2018-006-xss-vulnerability-in-disabled-module-error-template" }, { "reference_url": "https://github.com/advisories/GHSA-2vh3-cj9j-mcj5", "reference_id": "GHSA-2vh3-cj9j-mcj5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-2vh3-cj9j-mcj5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31327?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%2B3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%252B3" }, { "url": "http://public2.vulnerablecode.io/api/packages/434430?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1n4y-a3m5-13ce" }, { "vulnerability": "VCID-95mj-pnx2-gfh6" }, { "vulnerability": "VCID-cqdb-wk9t-9ubg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/434431?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.09.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1n4y-a3m5-13ce" }, { "vulnerability": "VCID-95mj-pnx2-gfh6" }, { "vulnerability": "VCID-cqdb-wk9t-9ubg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.09.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/31330?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.9.1%2B2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.9.1%252B2" } ], "aliases": [ "GHSA-2vh3-cj9j-mcj5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k8yx-97wb-r7af" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/211837?format=api", "vulnerability_id": "VCID-hzh3-v9j1-x7fb", "summary": "eZ Publish Legacy Passwordless login for LDAP users", "references": [ { "reference_url": "https://github.com/ezsystems/ezpublish-legacy", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ezsystems/ezpublish-legacy" }, { "reference_url": "https://github.com/ezsystems/ezpublish-legacy/commit/01930a95637389301f762be1439f726013e58aba", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ezsystems/ezpublish-legacy/commit/01930a95637389301f762be1439f726013e58aba" }, { "reference_url": "https://github.com/ezsystems/ezpublish-legacy/pull/1394", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ezsystems/ezpublish-legacy/pull/1394" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/ezsystems/ezpublish-legacy/2018-10-31-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/ezsystems/ezpublish-legacy/2018-10-31-1.yaml" }, { "reference_url": "https://issues.ibexa.co/browse/EZP-29703", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.ibexa.co/browse/EZP-29703" }, { "reference_url": "https://web.archive.org/web/20201027063527/https://magento.com/security/news/new-zend-framework-1-security-vulnerability", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201027063527/https://magento.com/security/news/new-zend-framework-1-security-vulnerability" }, { "reference_url": "https://web.archive.org/web/20210614184552/https://share.ez.no/community-project/security-advisories/ezsa-2018-005-passwordless-login-for-ldap-users", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210614184552/https://share.ez.no/community-project/security-advisories/ezsa-2018-005-passwordless-login-for-ldap-users" }, { "reference_url": "https://github.com/advisories/GHSA-p9mp-vq4v-v5m5", "reference_id": "GHSA-p9mp-vq4v-v5m5", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p9mp-vq4v-v5m5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/31334?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@5.3.12%2B4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@5.3.12%252B4" }, { "url": "http://public2.vulnerablecode.io/api/packages/31336?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@5.4.12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@5.4.12%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/433896?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1n4y-a3m5-13ce" }, { "vulnerability": "VCID-8adf-j2sz-qke2" }, { "vulnerability": "VCID-8g2d-vzzv-3ygm" }, { "vulnerability": "VCID-95mj-pnx2-gfh6" }, { "vulnerability": "VCID-cqdb-wk9t-9ubg" }, { "vulnerability": "VCID-k8yx-97wb-r7af" }, { "vulnerability": "VCID-mfrx-h2sj-x3fg" }, { "vulnerability": "VCID-yr2r-tgv2-gqd4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/31333?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.4%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.4%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/433897?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1n4y-a3m5-13ce" }, { "vulnerability": "VCID-8adf-j2sz-qke2" }, { "vulnerability": "VCID-95mj-pnx2-gfh6" }, { "vulnerability": "VCID-cqdb-wk9t-9ubg" }, { "vulnerability": "VCID-k8yx-97wb-r7af" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/31332?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%2B2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.6.1%252B2" }, { "url": "http://public2.vulnerablecode.io/api/packages/433898?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.09.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1n4y-a3m5-13ce" }, { "vulnerability": "VCID-8adf-j2sz-qke2" }, { "vulnerability": "VCID-95mj-pnx2-gfh6" }, { "vulnerability": "VCID-cqdb-wk9t-9ubg" }, { "vulnerability": "VCID-k8yx-97wb-r7af" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.09.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/31335?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2018.9.1%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.9.1%252B1" } ], "aliases": [ "GHSA-p9mp-vq4v-v5m5" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hzh3-v9j1-x7fb" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2018.06.1.2" }