Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/63400?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/63400?format=api", "purl": "pkg:gem/publify_core@9.2.8", "type": "gem", "namespace": "", "name": "publify_core", "version": "9.2.8", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "9.2.10", "latest_non_vulnerable_version": "9.2.10", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44101?format=api", "vulnerability_id": "VCID-39py-98eh-xbb2", "summary": "Incorrect Authorization\nImproper Access Control in GitHub repository publify/publify prior to 9.2.8.", "references": [ { "reference_url": "https://github.com/publify/publify/commit/0e6c66ac2002136517662399bca9d838c80d9739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/publify/publify/commit/0e6c66ac2002136517662399bca9d838c80d9739" }, { "reference_url": "https://huntr.dev/bounties/6f322c84-9e20-4df6-97e8-92bc271ede3f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://huntr.dev/bounties/6f322c84-9e20-4df6-97e8-92bc271ede3f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0574", "reference_id": "CVE-2022-0574", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0574" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63400?format=api", "purl": "pkg:gem/publify_core@9.2.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/publify_core@9.2.8" } ], "aliases": [ "CVE-2022-0574" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-39py-98eh-xbb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44098?format=api", "vulnerability_id": "VCID-f48u-rz6j-jbge", "summary": "Improper Control of Generation of Code ('Code Injection')\nCode Injection in GitHub repository publify/publify prior to 9.2.8.", "references": [ { "reference_url": "https://github.com/publify/publify/commit/b50df050c593cc532b2c516792989bcfce2d73f7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/publify/publify/commit/b50df050c593cc532b2c516792989bcfce2d73f7" }, { "reference_url": "https://huntr.dev/bounties/02c81928-eb47-476f-8000-e93dc796dbcc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://huntr.dev/bounties/02c81928-eb47-476f-8000-e93dc796dbcc" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0578", "reference_id": "CVE-2022-0578", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0578" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63400?format=api", "purl": "pkg:gem/publify_core@9.2.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/publify_core@9.2.8" } ], "aliases": [ "CVE-2022-0578" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f48u-rz6j-jbge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44103?format=api", "vulnerability_id": "VCID-s1rn-35ap-2uhv", "summary": "Incorrect Authorization\nLeaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising confidentiality and integrity of users.", "references": [ { "reference_url": "https://github.com/publify/publify/commit/1a78f16f460847274265a12a9555b3524892d7db", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/publify/publify/commit/1a78f16f460847274265a12a9555b3524892d7db" }, { "reference_url": "https://huntr.dev/bounties/b398e4c9-6cdf-4973-ad86-da796cde221f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://huntr.dev/bounties/b398e4c9-6cdf-4973-ad86-da796cde221f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1553", "reference_id": "CVE-2022-1553", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1553" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/63400?format=api", "purl": "pkg:gem/publify_core@9.2.8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/publify_core@9.2.8" } ], "aliases": [ "CVE-2022-1553" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s1rn-35ap-2uhv" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/publify_core@9.2.8" }