Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/67165?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/67165?format=api", "purl": "pkg:composer/in2code/femanager@7.2.2", "type": "composer", "namespace": "in2code", "name": "femanager", "version": "7.2.2", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "7.2.3", "latest_non_vulnerable_version": "7.2.3", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46131?format=api", "vulnerability_id": "VCID-mp37-6ntu-zkbt", "summary": "TYPO3 extension femanager Broken Access Control vulnerability\nfemanager fails to check access permissions for the invitation component. Depending on the configuration of the plugin, a remote user can create frontend user accounts with access to configured frontend groups.", "references": [ { "reference_url": "https://github.com/in2code-de/femanager/commit/cc5f2893613a6b3fd2677c457574ab587a0862ca", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/in2code-de/femanager/commit/cc5f2893613a6b3fd2677c457574ab587a0862ca" }, { "reference_url": "https://github.com/in2code-de/femanager/releases/tag/7.2.2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/in2code-de/femanager/releases/tag/7.2.2" }, { "reference_url": "https://typo3.org/security/advisory/typo3-ext-sa-2023-008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://typo3.org/security/advisory/typo3-ext-sa-2023-008" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/in2code/femanager/CVE-2023-45023.yaml", "reference_id": "CVE-2023-45023.YAML", "reference_type": "", "scores": [], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/in2code/femanager/CVE-2023-45023.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-93j4-v838-8767", "reference_id": "GHSA-93j4-v838-8767", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-93j4-v838-8767" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/67165?format=api", "purl": "pkg:composer/in2code/femanager@7.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/in2code/femanager@7.2.2" } ], "aliases": [ "CVE-2023-45023", "GHSA-93j4-v838-8767" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mp37-6ntu-zkbt" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/in2code/femanager@7.2.2" }