Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/nuclide@0.270.0
Typenpm
Namespace
Namenuclide
Version0.270.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.290.0
Latest_non_vulnerable_version0.290.0
Affected_by_vulnerabilities
0
url VCID-8t7r-zasu-e7ee
vulnerability_id VCID-8t7r-zasu-e7ee
summary The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content inside of the editor's context, which could potentially be chained to lead to code execution. This issue affected Nuclide prior to v0.290.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-6333
reference_id
reference_type
scores
0
value 0.01115
scoring_system epss
scoring_elements 0.78663
published_at 2026-06-12T12:55:00Z
1
value 0.01115
scoring_system epss
scoring_elements 0.78676
published_at 2026-06-14T12:55:00Z
2
value 0.01115
scoring_system epss
scoring_elements 0.78597
published_at 2026-06-11T12:55:00Z
3
value 0.01115
scoring_system epss
scoring_elements 0.7868
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-6333
1
reference_url https://github.com/facebook/nuclide/commit/65f6bbd683404be1bb569b8d1be84b5d4c74a324
reference_id 65f6bbd683404be1bb569b8d1be84b5d4c74a324
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-01T20:16:45Z/
url https://github.com/facebook/nuclide/commit/65f6bbd683404be1bb569b8d1be84b5d4c74a324
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-6333
reference_id CVE-2018-6333
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-6333
3
reference_url https://github.com/advisories/GHSA-r83x-wj75-v89r
reference_id GHSA-r83x-wj75-v89r
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r83x-wj75-v89r
fixed_packages
0
url pkg:npm/nuclide@0.290.0
purl pkg:npm/nuclide@0.290.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/nuclide@0.290.0
aliases CVE-2018-6333, GHSA-r83x-wj75-v89r
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8t7r-zasu-e7ee
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/nuclide@0.270.0