Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/59685?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/59685?format=api", "purl": "pkg:composer/showdoc/showdoc@2.9.13", "type": "composer", "namespace": "showdoc", "name": "showdoc", "version": "2.9.13", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.10.0", "latest_non_vulnerable_version": "2.10.4", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41791?format=api", "vulnerability_id": "VCID-6jnb-hve3-uqhn", "summary": "showdoc is vulnerable to Cross-Site Request Forgery (CSRF)", "references": [ { "reference_url": "https://github.com/star7th/showdoc/commit/654e871a3923e79076818a9a03533fe88222c871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/star7th/showdoc/commit/654e871a3923e79076818a9a03533fe88222c871" }, { "reference_url": "https://huntr.dev/bounties/0aa84736-139b-4ae7-becf-604f7f60b1c9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://huntr.dev/bounties/0aa84736-139b-4ae7-becf-604f7f60b1c9" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3993", "reference_id": "CVE-2021-3993", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3993" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59685?format=api", "purl": "pkg:composer/showdoc/showdoc@2.9.13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/showdoc/showdoc@2.9.13" } ], "aliases": [ "CVE-2021-3993" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6jnb-hve3-uqhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41793?format=api", "vulnerability_id": "VCID-bpyz-tsky-t7dy", "summary": "URL Redirection to Untrusted Site ('Open Redirect')\nshowdoc is vulnerable to URL Redirection to Untrusted Site", "references": [ { "reference_url": "https://github.com/star7th/showdoc/commit/335afc7ed6d6627c3d0434aa9acc168c77117614", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/star7th/showdoc/commit/335afc7ed6d6627c3d0434aa9acc168c77117614" }, { "reference_url": "https://huntr.dev/bounties/ffc61eff-efea-42c5-92c2-e043fdf904d5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://huntr.dev/bounties/ffc61eff-efea-42c5-92c2-e043fdf904d5" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3989", "reference_id": "CVE-2021-3989", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3989" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59685?format=api", "purl": "pkg:composer/showdoc/showdoc@2.9.13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/showdoc/showdoc@2.9.13" } ], "aliases": [ "CVE-2021-3989" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bpyz-tsky-t7dy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41794?format=api", "vulnerability_id": "VCID-nqnp-wv88-w7be", "summary": "showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)", "references": [ { "reference_url": "https://github.com/star7th/showdoc/commit/a9886f26c08225e0adca75c67dfca3f7c42b87d0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/star7th/showdoc/commit/a9886f26c08225e0adca75c67dfca3f7c42b87d0" }, { "reference_url": "https://huntr.dev/bounties/0680067d-56a7-4412-b06e-a267e850ae9f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://huntr.dev/bounties/0680067d-56a7-4412-b06e-a267e850ae9f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3990", "reference_id": "CVE-2021-3990", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3990" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59685?format=api", "purl": "pkg:composer/showdoc/showdoc@2.9.13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/showdoc/showdoc@2.9.13" } ], "aliases": [ "CVE-2021-3990" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nqnp-wv88-w7be" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41783?format=api", "vulnerability_id": "VCID-rsa3-88rf-z7bu", "summary": "showdoc is vulnerable to Cross-Site Request Forgery (CSRF)", "references": [ { "reference_url": "https://github.com/star7th/showdoc/commit/654e871a3923e79076818a9a03533fe88222c871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/star7th/showdoc/commit/654e871a3923e79076818a9a03533fe88222c871" }, { "reference_url": "https://huntr.dev/bounties/1d8439e8-b3f7-40f8-8b30-f9cb05ff2bcd", "reference_id": "", "reference_type": "", "scores": [], "url": "https://huntr.dev/bounties/1d8439e8-b3f7-40f8-8b30-f9cb05ff2bcd" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4017", "reference_id": "CVE-2021-4017", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4017" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59685?format=api", "purl": "pkg:composer/showdoc/showdoc@2.9.13", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/showdoc/showdoc@2.9.13" } ], "aliases": [ "CVE-2021-4017" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rsa3-88rf-z7bu" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/showdoc/showdoc@2.9.13" }