Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/53345?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53345?format=api", "vulnerability_id": "VCID-y1y4-ruee-mbbz", "summary": "Improper Authorization in @sap-cloud-sdk/core\nAffected versions of `@sap-cloud-sdk/core` do not properly validate JWTs. The `verifyJwt()` function does not properly validate the URL from where the public verification key for the JWT can be downloaded. Any URL was trusted which makes it possible to provide a URL belonging to a manipulated JWT. Upgrade to or later.", "aliases": [ { "alias": "GHSA-r2vw-jgq9-jqx2" }, { "alias": "GMS-2020-37" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78397?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78396?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270125?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/270126?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/270127?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/270128?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/270129?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/270130?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/270131?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/270132?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/270133?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.18", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.18" }, { "url": "http://public2.vulnerablecode.io/api/packages/270134?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/270135?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.20", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.20" }, { "url": "http://public2.vulnerablecode.io/api/packages/270136?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/270137?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.22", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.22" }, { "url": "http://public2.vulnerablecode.io/api/packages/270138?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/270139?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.24", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.24" }, { "url": "http://public2.vulnerablecode.io/api/packages/270140?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/270141?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.19.1-alpha.26", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.19.1-alpha.26" }, { "url": "http://public2.vulnerablecode.io/api/packages/270142?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270143?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270144?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/270145?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/270146?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/270147?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/270148?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/270149?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/270150?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.1-alpha.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1-alpha.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/270151?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/270152?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-0bf1d899.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-0bf1d899.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/270153?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-319be49d.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-319be49d.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/270154?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-517a6d82.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-517a6d82.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/270155?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270156?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/270157?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/270158?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/270159?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/270160?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/270161?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/270162?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/270163?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/270164?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/270165?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/270166?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.15", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.15" }, { "url": "http://public2.vulnerablecode.io/api/packages/270167?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.17", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.17" }, { "url": "http://public2.vulnerablecode.io/api/packages/270168?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.19", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.19" }, { "url": "http://public2.vulnerablecode.io/api/packages/270169?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/270170?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.23", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.23" }, { "url": "http://public2.vulnerablecode.io/api/packages/270171?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.25", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.25" }, { "url": "http://public2.vulnerablecode.io/api/packages/270172?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/270173?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/270174?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.34", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.34" }, { "url": "http://public2.vulnerablecode.io/api/packages/270175?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.35", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.35" }, { "url": "http://public2.vulnerablecode.io/api/packages/270176?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-alpha.36", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-alpha.36" }, { "url": "http://public2.vulnerablecode.io/api/packages/270177?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-b406d7af.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-b406d7af.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/270178?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.20.2-f6a7e0bd.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.20.2-f6a7e0bd.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/270179?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270180?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.1-3902933.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-3902933.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270181?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.1-2e6b619f.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-2e6b619f.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/270182?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.1-7f787e81.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-7f787e81.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/270183?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.1-88b10c48.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-88b10c48.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/270184?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.1-cc126c9d.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-cc126c9d.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/270185?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.1-d48b5e51.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-d48b5e51.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270186?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.1-d70aa00f.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-d70aa00f.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/270187?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.1-e6a1b24b.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1-e6a1b24b.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/270188?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/270189?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.2-82386522.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-82386522.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/270190?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.2-18d895d0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-18d895d0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/270191?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.2-19cf3cf8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-19cf3cf8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/270192?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.2-364b5dcb.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-364b5dcb.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/270193?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.2-80cb3463.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-80cb3463.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/270194?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.2-951e55ca.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-951e55ca.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270195?format=api", "purl": "pkg:npm/%40sap-cloud-sdk/core@1.21.2-d19fc554.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2gwq-pd7m-3ubv" }, { "vulnerability": "VCID-y1y4-ruee-mbbz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540sap-cloud-sdk/core@1.21.2-d19fc554.4" } ], "references": [ { "reference_url": "https://www.npmjs.com/advisories/1540", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.npmjs.com/advisories/1540" }, { "reference_url": "https://github.com/advisories/GHSA-r2vw-jgq9-jqx2", "reference_id": "GHSA-r2vw-jgq9-jqx2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r2vw-jgq9-jqx2" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 285, "name": "Improper Authorization", "description": "The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y1y4-ruee-mbbz" }