Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/340728?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340728?format=api", "vulnerability_id": "VCID-e9pt-c5az-ebe2", "summary": "Drupal core uses a vulnerable Third-party library CKEditor", "aliases": [ { "alias": "GHSA-337w-fxpq-5m34" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/81207?format=api", "purl": "pkg:composer/drupal/drupal@8.7.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1xsh-7f63-v3df" }, { "vulnerability": "VCID-4p5n-ujzt-qfdx" }, { "vulnerability": "VCID-5821-1xss-8fdu" }, { "vulnerability": "VCID-b2x6-54c3-jqa2" }, { "vulnerability": "VCID-e8mp-5awh-eybz" }, { "vulnerability": "VCID-f687-ubdn-37en" }, { "vulnerability": "VCID-gvey-a924-8qhf" }, { "vulnerability": "VCID-h93x-dbpr-q7cz" }, { "vulnerability": "VCID-j2g3-u36y-nqdv" }, { "vulnerability": "VCID-jgec-wuca-bbf1" }, { "vulnerability": "VCID-n2z8-yesj-9bea" }, { "vulnerability": "VCID-n6tq-72g7-afdg" }, { "vulnerability": "VCID-phkw-q4nd-m7hh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.7.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/81206?format=api", "purl": "pkg:composer/drupal/drupal@8.8.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1xsh-7f63-v3df" }, { "vulnerability": "VCID-4p5n-ujzt-qfdx" }, { "vulnerability": "VCID-5821-1xss-8fdu" }, { "vulnerability": "VCID-b2x6-54c3-jqa2" }, { "vulnerability": "VCID-bxh1-7fvj-zybm" }, { "vulnerability": "VCID-e8mp-5awh-eybz" }, { "vulnerability": "VCID-f687-ubdn-37en" }, { "vulnerability": "VCID-gaay-gs4k-5fba" }, { "vulnerability": "VCID-gvey-a924-8qhf" }, { "vulnerability": "VCID-h93x-dbpr-q7cz" }, { "vulnerability": "VCID-j2g3-u36y-nqdv" }, { "vulnerability": "VCID-jgec-wuca-bbf1" }, { "vulnerability": "VCID-n2z8-yesj-9bea" }, { "vulnerability": "VCID-n6tq-72g7-afdg" }, { "vulnerability": "VCID-phkw-q4nd-m7hh" }, { "vulnerability": "VCID-swh1-rvuw-jqfx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.4" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51570?format=api", "purl": "pkg:composer/drupal/drupal@8.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1unn-dn56-vufe" }, { "vulnerability": "VCID-1xsh-7f63-v3df" }, { "vulnerability": "VCID-2bnn-1wmq-ckdd" }, { "vulnerability": "VCID-2yyq-kyeu-uufc" }, { "vulnerability": "VCID-3k2a-rajw-87cb" }, { "vulnerability": "VCID-4p5n-ujzt-qfdx" }, { "vulnerability": "VCID-4un9-k6n8-nffu" }, { "vulnerability": "VCID-4yqy-eqn7-wkcf" }, { "vulnerability": "VCID-4zg8-2vm9-ubch" }, { "vulnerability": "VCID-51ze-a1zm-ukey" }, { "vulnerability": "VCID-55x9-nh66-1qh5" }, { "vulnerability": "VCID-5821-1xss-8fdu" }, { "vulnerability": "VCID-5txj-xsnq-ducf" }, { "vulnerability": "VCID-7kzf-7csh-wkds" }, { "vulnerability": "VCID-7qhc-n6hc-ukbu" }, { "vulnerability": "VCID-8fxw-fw46-yuar" }, { "vulnerability": "VCID-99sr-urzq-8few" }, { "vulnerability": "VCID-aknt-8ey4-m7hr" }, { "vulnerability": "VCID-ardj-zyxg-9ued" }, { "vulnerability": "VCID-az1b-uzab-jqdh" }, { "vulnerability": "VCID-b2x6-54c3-jqa2" }, { "vulnerability": "VCID-bavm-v6d9-sqd9" }, { "vulnerability": "VCID-bhyk-vjnk-e3af" }, { "vulnerability": "VCID-cfty-fvf7-3kcx" }, { "vulnerability": "VCID-crny-qmhc-tqfm" }, { "vulnerability": "VCID-d173-npte-yqdt" }, { "vulnerability": "VCID-dhzk-3ek4-2uf8" }, { "vulnerability": "VCID-e8mp-5awh-eybz" }, { "vulnerability": "VCID-e9pt-c5az-ebe2" }, { "vulnerability": "VCID-ejt8-umuh-g7e7" }, { "vulnerability": "VCID-f687-ubdn-37en" }, { "vulnerability": "VCID-f81c-sjqn-wbc3" }, { "vulnerability": "VCID-fbqa-6fpw-kyg9" }, { "vulnerability": "VCID-fmyh-mnq6-uyb9" }, { "vulnerability": "VCID-fx6n-du84-yya2" }, { "vulnerability": "VCID-g3u3-6dza-gkg7" }, { "vulnerability": "VCID-h93x-dbpr-q7cz" }, { "vulnerability": "VCID-hqyt-nhb4-4ycr" }, { "vulnerability": "VCID-hz2k-at38-wbeb" }, { "vulnerability": "VCID-j1yc-pqhw-pbh1" }, { "vulnerability": "VCID-j2g3-u36y-nqdv" }, { "vulnerability": "VCID-j545-f44v-w3cn" }, { "vulnerability": "VCID-j7zf-w99n-nfcf" }, { "vulnerability": "VCID-jecz-bm88-9uf1" }, { "vulnerability": "VCID-jgec-wuca-bbf1" }, { "vulnerability": "VCID-kd54-616n-wbcw" }, { "vulnerability": "VCID-kymb-9kr6-fkd7" }, { "vulnerability": "VCID-n5ur-2ytr-qbh5" }, { "vulnerability": "VCID-n6tq-72g7-afdg" }, { "vulnerability": "VCID-nqz7-ej49-ckay" }, { "vulnerability": "VCID-nszv-9z68-bqeu" }, { "vulnerability": "VCID-p6q6-apzp-pbbh" }, { "vulnerability": "VCID-pbqh-x6zw-duhn" }, { "vulnerability": "VCID-phkw-q4nd-m7hh" }, { "vulnerability": "VCID-pyjy-13mt-cyck" }, { "vulnerability": "VCID-qdwc-2mrq-6qgk" }, { "vulnerability": "VCID-qf91-4h5f-fuhv" }, { "vulnerability": "VCID-s8d1-k9q4-nkds" }, { "vulnerability": "VCID-sbnt-qndd-xubz" }, { "vulnerability": "VCID-svhr-wt5d-xbbq" }, { "vulnerability": "VCID-ta2u-bd9e-nfc7" }, { "vulnerability": "VCID-tj7d-ydqk-6kga" }, { "vulnerability": "VCID-ukc1-s92n-yydh" }, { "vulnerability": "VCID-unh6-xwtu-mkbt" }, { "vulnerability": "VCID-v2h1-1cfd-muft" }, { "vulnerability": "VCID-v4qa-rqty-p7fs" }, { "vulnerability": "VCID-vbkh-vghp-qqht" }, { "vulnerability": "VCID-vtwk-c1zr-jue5" }, { "vulnerability": "VCID-vzwv-ueuz-myar" }, { "vulnerability": "VCID-w85b-dws8-uyf1" }, { "vulnerability": "VCID-w9xe-83yw-mbhy" }, { "vulnerability": "VCID-waz7-ejwd-d3eh" }, { "vulnerability": "VCID-x5b9-68nh-rucd" }, { "vulnerability": "VCID-yy7m-f66v-fbhz" }, { "vulnerability": "VCID-zd4q-kddb-t3ha" }, { "vulnerability": "VCID-zhxf-bmyy-wff6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77707?format=api", "purl": "pkg:composer/drupal/drupal@8.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1xsh-7f63-v3df" }, { "vulnerability": "VCID-4gsc-v4nm-nke8" }, { "vulnerability": "VCID-4p5n-ujzt-qfdx" }, { "vulnerability": "VCID-4yqy-eqn7-wkcf" }, { "vulnerability": "VCID-5821-1xss-8fdu" }, { "vulnerability": "VCID-63my-dg24-t3dj" }, { "vulnerability": "VCID-7d6n-s61h-z3gz" }, { "vulnerability": "VCID-b2x6-54c3-jqa2" }, { "vulnerability": "VCID-bavm-v6d9-sqd9" }, { "vulnerability": "VCID-bxh1-7fvj-zybm" }, { "vulnerability": "VCID-daa6-2qhc-3bhq" }, { "vulnerability": "VCID-ddmy-kcmb-s7g7" }, { "vulnerability": "VCID-e8mp-5awh-eybz" }, { "vulnerability": "VCID-e9pt-c5az-ebe2" }, { "vulnerability": "VCID-f687-ubdn-37en" }, { "vulnerability": "VCID-gaay-gs4k-5fba" }, { "vulnerability": "VCID-gvey-a924-8qhf" }, { "vulnerability": "VCID-h93x-dbpr-q7cz" }, { "vulnerability": "VCID-j2g3-u36y-nqdv" }, { "vulnerability": "VCID-jecz-bm88-9uf1" }, { "vulnerability": "VCID-jgec-wuca-bbf1" }, { "vulnerability": "VCID-jq2w-q55u-8bbq" }, { "vulnerability": "VCID-kymb-9kr6-fkd7" }, { "vulnerability": "VCID-n2z8-yesj-9bea" }, { "vulnerability": "VCID-n6tq-72g7-afdg" }, { "vulnerability": "VCID-nf33-22v1-r3fj" }, { "vulnerability": "VCID-phkw-q4nd-m7hh" }, { "vulnerability": "VCID-swh1-rvuw-jqfx" }, { "vulnerability": "VCID-u6ud-1gef-1qbn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/drupal/drupal@8.8.0" } ], "references": [ { "reference_url": "https://github.com/drupal/drupal", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/drupal/drupal" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2020-03-18.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2020-03-18.yaml" }, { "reference_url": "https://www.drupal.org/sa-core-2020-001", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.drupal.org/sa-core-2020-001" }, { "reference_url": "https://github.com/advisories/GHSA-337w-fxpq-5m34", "reference_id": "GHSA-337w-fxpq-5m34", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-337w-fxpq-5m34" } ], "weaknesses": [ { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e9pt-c5az-ebe2" }