Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/58196?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/58196?format=api", "purl": "pkg:composer/october/october@2.0.0", "type": "composer", "namespace": "october", "name": "october", "version": "2.0.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/200969?format=api", "vulnerability_id": "VCID-6c34-8p7a-3yeu", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35944", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67579", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35944" }, { "reference_url": "https://github.com/octobercms/october", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/octobercms/october" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35944", "reference_id": "CVE-2022-35944", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35944" }, { "reference_url": "https://github.com/advisories/GHSA-x4q7-m6fp-4v9v", "reference_id": "GHSA-x4q7-m6fp-4v9v", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x4q7-m6fp-4v9v" }, { "reference_url": "https://github.com/octobercms/october/security/advisories/GHSA-x4q7-m6fp-4v9v", "reference_id": "GHSA-x4q7-m6fp-4v9v", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L" }, { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:47:57Z/" } ], "url": "https://github.com/octobercms/october/security/advisories/GHSA-x4q7-m6fp-4v9v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/567866?format=api", "purl": "pkg:composer/october/october@3.0.74", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6ts3-zne8-rfc3" }, { "vulnerability": "VCID-7naw-rdj5-e7fh" }, { "vulnerability": "VCID-9nyg-tawj-qyay" }, { "vulnerability": "VCID-c7zm-krtx-8qam" }, { "vulnerability": "VCID-zr3q-9kez-8ucc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/october/october@3.0.74" } ], "aliases": [ "CVE-2022-35944", "GHSA-x4q7-m6fp-4v9v" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6c34-8p7a-3yeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/269611?format=api", "vulnerability_id": "VCID-6ts3-zne8-rfc3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-51991", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54684", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-51991" }, { "reference_url": "https://github.com/octobercms/october", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/octobercms/october" }, { "reference_url": "https://github.com/octobercms/october/security/advisories/GHSA-96hh-8hx5-cpw7", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-05T18:06:02Z/" } ], "url": "https://github.com/octobercms/october/security/advisories/GHSA-96hh-8hx5-cpw7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51991", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51991" }, { "reference_url": "https://github.com/advisories/GHSA-96hh-8hx5-cpw7", "reference_id": "GHSA-96hh-8hx5-cpw7", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-96hh-8hx5-cpw7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/768604?format=api", "purl": "pkg:composer/october/october@3.7.10", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/october/october@3.7.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/196230?format=api", "purl": "pkg:composer/october/october@3.7.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/october/october@3.7.5" } ], "aliases": [ "CVE-2024-51991", "GHSA-96hh-8hx5-cpw7" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6ts3-zne8-rfc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/264721?format=api", "vulnerability_id": "VCID-c7zm-krtx-8qam", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45962", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50602", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45962" }, { "reference_url": "https://github.com/octobercms/october", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "1.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/octobercms/october" }, { "reference_url": "https://grimthereaperteam.medium.com/october-cms-3-6-30-stored-xss-ddf2be7a226e", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "1.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T20:33:25Z/" } ], "url": "https://grimthereaperteam.medium.com/october-cms-3-6-30-stored-xss-ddf2be7a226e" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45962", "reference_id": "CVE-2024-45962", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" }, { "value": "1.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45962" }, { "reference_url": "https://github.com/advisories/GHSA-hxpp-g76m-qhvg", "reference_id": "GHSA-hxpp-g76m-qhvg", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hxpp-g76m-qhvg" } ], "fixed_packages": [], "aliases": [ "CVE-2024-45962", "GHSA-hxpp-g76m-qhvg" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c7zm-krtx-8qam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/192922?format=api", "vulnerability_id": "VCID-cgs9-puc2-dyfg", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02925", "scoring_system": "epss", "scoring_elements": "0.86653", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24800" }, { "reference_url": "https://github.com/octobercms/library/commit/fe569f3babf3f593be2b1e0a4ae0283506127a83", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:51:41Z/" } ], "url": "https://github.com/octobercms/library/commit/fe569f3babf3f593be2b1e0a4ae0283506127a83" }, { "reference_url": "https://github.com/octobercms/october", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/octobercms/october" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24800", "reference_id": "CVE-2022-24800", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24800" }, { "reference_url": "https://github.com/advisories/GHSA-8v7h-cpc2-r8jp", "reference_id": "GHSA-8v7h-cpc2-r8jp", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8v7h-cpc2-r8jp" }, { "reference_url": "https://github.com/octobercms/october/security/advisories/GHSA-8v7h-cpc2-r8jp", "reference_id": "GHSA-8v7h-cpc2-r8jp", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:51:41Z/" } ], "url": "https://github.com/octobercms/october/security/advisories/GHSA-8v7h-cpc2-r8jp" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/66764?format=api", "purl": "pkg:composer/october/october@3.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6c34-8p7a-3yeu" }, { "vulnerability": "VCID-6ts3-zne8-rfc3" }, { "vulnerability": "VCID-7naw-rdj5-e7fh" }, { "vulnerability": "VCID-9nyg-tawj-qyay" }, { "vulnerability": "VCID-c7zm-krtx-8qam" }, { "vulnerability": "VCID-zr3q-9kez-8ucc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/october/october@3.0.0" } ], "aliases": [ "CVE-2022-24800", "GHSA-8v7h-cpc2-r8jp" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cgs9-puc2-dyfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15109?format=api", "vulnerability_id": "VCID-r8fq-h2st-zuba", "summary": "Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')\nOctobercms is a self-hosted CMS platform based on the Laravel PHP Framework. In affected versions user input was not properly sanitized before rendering. An authenticated user with the permissions to create, modify and delete website pages can exploit this vulnerability to bypass `cms.safe_mode` / `cms.enableSafeMode` in order to execute arbitrary code. This issue only affects admin panels that rely on safe mode and restricted permissions. To exploit this vulnerability, an attacker must first have access to the backend area. The issue has been patched in Build 474 (v1.0.474) and v1.1.10.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21705", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.70336", "scoring_system": "epss", "scoring_elements": "0.98709", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21705" }, { "reference_url": "https://github.com/octobercms/library/commit/c393c5ce9ca2c5acc3ed6c9bb0dab5ffd61965fe", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:38Z/" } ], "url": "https://github.com/octobercms/library/commit/c393c5ce9ca2c5acc3ed6c9bb0dab5ffd61965fe" }, { "reference_url": "https://github.com/octobercms/october", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/octobercms/october" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21705", "reference_id": "CVE-2022-21705", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21705" }, { "reference_url": "https://github.com/advisories/GHSA-79jw-2f46-wv22", "reference_id": "GHSA-79jw-2f46-wv22", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-79jw-2f46-wv22" }, { "reference_url": "https://github.com/octobercms/october/security/advisories/GHSA-79jw-2f46-wv22", "reference_id": "GHSA-79jw-2f46-wv22", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T15:55:38Z/" } ], "url": "https://github.com/octobercms/october/security/advisories/GHSA-79jw-2f46-wv22" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59752?format=api", "purl": "pkg:composer/october/october@2.1.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6c34-8p7a-3yeu" }, { "vulnerability": "VCID-6ts3-zne8-rfc3" }, { "vulnerability": "VCID-c7zm-krtx-8qam" }, { "vulnerability": "VCID-cgs9-puc2-dyfg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/october/october@2.1.27" } ], "aliases": [ "CVE-2022-21705", "GHSA-79jw-2f46-wv22" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r8fq-h2st-zuba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14151?format=api", "vulnerability_id": "VCID-swte-fwyb-yfbz", "summary": "Improper Authentication\nOctober is a Content Management System (CMS) and web platform built on the the Laravel PHP Framework. In affected versions administrator accounts which had previously been deleted may still be able to sign in to the backend using October CMS v2.0. The issue has been patched in v2.1.12 of the october/october package. There are no workarounds for this issue and all users should update.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65656", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-41126" }, { "reference_url": "https://github.com/octobercms/october", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/octobercms/october" }, { "reference_url": "https://octobercms.com/changelog", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://octobercms.com/changelog" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41126", "reference_id": "CVE-2021-41126", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41126" }, { "reference_url": "https://github.com/advisories/GHSA-6gjf-7w99-j7x7", "reference_id": "GHSA-6gjf-7w99-j7x7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6gjf-7w99-j7x7" }, { "reference_url": "https://github.com/octobercms/october/security/advisories/GHSA-6gjf-7w99-j7x7", "reference_id": "GHSA-6gjf-7w99-j7x7", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/octobercms/october/security/advisories/GHSA-6gjf-7w99-j7x7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58197?format=api", "purl": "pkg:composer/october/october@2.1.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6c34-8p7a-3yeu" }, { "vulnerability": "VCID-6ts3-zne8-rfc3" }, { "vulnerability": "VCID-c7zm-krtx-8qam" }, { "vulnerability": "VCID-cgs9-puc2-dyfg" }, { "vulnerability": "VCID-r8fq-h2st-zuba" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/october/october@2.1.12" } ], "aliases": [ "CVE-2021-41126", "GHSA-6gjf-7w99-j7x7" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-swte-fwyb-yfbz" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/october/october@2.0.0" }