Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/52822?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/52822?format=api", "purl": "pkg:composer/typo3/cms@8.3.0", "type": "composer", "namespace": "typo3", "name": "cms", "version": "8.3.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "8.7.5", "latest_non_vulnerable_version": "12.2.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38829?format=api", "vulnerability_id": "VCID-h7cg-64er-uya9", "summary": "Unrestricted Upload of File with Dangerous Type\nUnrestricted File Upload vulnerability in the `fileDenyPattern` in `sysext/core/Classes/Core/SystemEnvironmentBuilder`.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2017-007/" }, { "reference_url": "http://www.securityfocus.com/bid/100620", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/100620" }, { "reference_url": "http://www.securitytracker.com/id/1039295", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039295" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14251", "reference_id": "CVE-2017-14251", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14251" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54048?format=api", "purl": "pkg:composer/typo3/cms@8.7.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.5" } ], "aliases": [ "CVE-2017-14251" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h7cg-64er-uya9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41160?format=api", "vulnerability_id": "VCID-qv14-m93d-jyd9", "summary": "Cross-site Scripting\nTYPO3 allows XSS.", "references": [ { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12748", "reference_id": "CVE-2019-12748", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12748" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58251?format=api", "purl": "pkg:composer/typo3/cms@8.7.27", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.7.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/58252?format=api", "purl": "pkg:composer/typo3/cms@9.5.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@9.5.8" } ], "aliases": [ "CVE-2019-12748" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qv14-m93d-jyd9" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38159?format=api", "vulnerability_id": "VCID-hzma-cduk-3uhp", "summary": "Cross-site Scripting\nXSS in TYPO3 Backend.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-021" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52820?format=api", "purl": "pkg:composer/typo3/cms@6.2.27", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/52821?format=api", "purl": "pkg:composer/typo3/cms@7.6.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/52822?format=api", "purl": "pkg:composer/typo3/cms@8.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-qv14-m93d-jyd9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.3.0" } ], "aliases": [ "GMS-2016-155" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hzma-cduk-3uhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38157?format=api", "vulnerability_id": "VCID-yn6z-9v7k-x7br", "summary": "Uncontrolled Resource Consumption\nCache Flooding in TYPO3 Frontend.", "references": [ { "reference_url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-022" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/52820?format=api", "purl": "pkg:composer/typo3/cms@6.2.27", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@6.2.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/52821?format=api", "purl": "pkg:composer/typo3/cms@7.6.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@7.6.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/52822?format=api", "purl": "pkg:composer/typo3/cms@8.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-h7cg-64er-uya9" }, { "vulnerability": "VCID-qv14-m93d-jyd9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.3.0" } ], "aliases": [ "GMS-2016-156" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yn6z-9v7k-x7br" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@8.3.0" }