Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/%40apollo/server@4.7.1
Typenpm
Namespace@apollo
Nameserver
Version4.7.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.7.4
Latest_non_vulnerable_version5.5.0
Affected_by_vulnerabilities
0
url VCID-nm8n-5rm1-xyec
vulnerability_id VCID-nm8n-5rm1-xyec
summary Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in @apollo/server.
references
0
reference_url https://github.com/apollographql/apollo-server
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apollographql/apollo-server
1
reference_url https://github.com/apollographql/apollo-server/commit/0adaf80d1ee51d8c7e5fd863c04478536d15eb8c
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apollographql/apollo-server/commit/0adaf80d1ee51d8c7e5fd863c04478536d15eb8c
2
reference_url https://github.com/advisories/GHSA-68jh-rf6x-836f
reference_id GHSA-68jh-rf6x-836f
reference_type
scores
url https://github.com/advisories/GHSA-68jh-rf6x-836f
3
reference_url https://github.com/apollographql/apollo-server/security/advisories/GHSA-68jh-rf6x-836f
reference_id GHSA-68jh-rf6x-836f
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/apollographql/apollo-server/security/advisories/GHSA-68jh-rf6x-836f
fixed_packages
0
url pkg:npm/%40apollo/server@4.7.4
purl pkg:npm/%40apollo/server@4.7.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540apollo/server@4.7.4
aliases GHSA-68jh-rf6x-836f, GMS-2023-1869
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nm8n-5rm1-xyec
Fixing_vulnerabilities
Risk_score1.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/%2540apollo/server@4.7.1