Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/37744?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37744?format=api", "vulnerability_id": "VCID-cp9j-3948-mud8", "summary": "Insufficient Entropy\nEntropy is lost in the `TokenGenerator`.", "aliases": [ { "alias": "GMS-2014-38" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51607?format=api", "purl": "pkg:composer/friendsofsymfony/user-bundle@1.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ky5a-sata-5yf6" }, { "vulnerability": "VCID-yyyq-za39-r3hh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.3.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/51272?format=api", "purl": "pkg:composer/friendsofsymfony/user-bundle@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-98wp-9e1h-yfgg" }, { "vulnerability": "VCID-cp9j-3948-mud8" }, { "vulnerability": "VCID-fkq5-7t4p-jbdk" }, { "vulnerability": "VCID-ky5a-sata-5yf6" }, { "vulnerability": "VCID-nnxf-zbvz-1qdb" }, { "vulnerability": "VCID-sv3j-tu9a-pucg" }, { "vulnerability": "VCID-yyyq-za39-r3hh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/51274?format=api", "purl": "pkg:composer/friendsofsymfony/user-bundle@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cp9j-3948-mud8" }, { "vulnerability": "VCID-fkq5-7t4p-jbdk" }, { "vulnerability": "VCID-ky5a-sata-5yf6" }, { "vulnerability": "VCID-yyyq-za39-r3hh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/197821?format=api", "purl": "pkg:composer/friendsofsymfony/user-bundle@1.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cp9j-3948-mud8" }, { "vulnerability": "VCID-fkq5-7t4p-jbdk" }, { "vulnerability": "VCID-ky5a-sata-5yf6" }, { "vulnerability": "VCID-yyyq-za39-r3hh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/197822?format=api", "purl": "pkg:composer/friendsofsymfony/user-bundle@1.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cp9j-3948-mud8" }, { "vulnerability": "VCID-fkq5-7t4p-jbdk" }, { "vulnerability": "VCID-ky5a-sata-5yf6" }, { "vulnerability": "VCID-yyyq-za39-r3hh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/51273?format=api", "purl": "pkg:composer/friendsofsymfony/user-bundle@1.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cp9j-3948-mud8" }, { "vulnerability": "VCID-ky5a-sata-5yf6" }, { "vulnerability": "VCID-yyyq-za39-r3hh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/51608?format=api", "purl": "pkg:composer/friendsofsymfony/user-bundle@1.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cp9j-3948-mud8" }, { "vulnerability": "VCID-yyyq-za39-r3hh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/friendsofsymfony/user-bundle@1.2.5" } ], "references": [ { "reference_url": "https://symfony.com/blog/fosuserbundle-entropy-of-generated-tokens-is-lost", "reference_id": "", "reference_type": "", "scores": [], "url": "https://symfony.com/blog/fosuserbundle-entropy-of-generated-tokens-is-lost" } ], "weaknesses": [], "exploits": [], "severity_range_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cp9j-3948-mud8" }