Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/james-heinrich/getid3@1.9.21
purl pkg:composer/james-heinrich/getid3@1.9.21
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-1twr-du4b-h7h6
Aliases:
CVE-2021-40926
GHSA-x2gw-85w6-fjjw
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Cross-site scripting (XSS) vulnerability in getID3 and allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter. There are no reported fixed by versions.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-1twr-du4b-h7h6 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Cross-site scripting (XSS) vulnerability in getID3 and allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter. CVE-2021-40926
GHSA-x2gw-85w6-fjjw

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:31:47.829558+00:00 GitLab Importer Affected by VCID-1twr-du4b-h7h6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/james-heinrich/getid3/CVE-2021-40926.yml 38.4.0
2026-04-11T22:45:02.276857+00:00 GitLab Importer Affected by VCID-1twr-du4b-h7h6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/james-heinrich/getid3/CVE-2021-40926.yml 38.3.0
2026-04-02T22:54:59.082507+00:00 GitLab Importer Affected by VCID-1twr-du4b-h7h6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/james-heinrich/getid3/CVE-2021-40926.yml 38.1.0
2026-04-02T16:58:16.872902+00:00 GHSA Importer Fixing VCID-1twr-du4b-h7h6 https://github.com/advisories/GHSA-x2gw-85w6-fjjw 38.1.0
2026-04-01T17:13:17.112040+00:00 GitLab Importer Affected by VCID-1twr-du4b-h7h6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/james-heinrich/getid3/CVE-2021-40926.yml 38.0.0
2026-04-01T13:00:36.747389+00:00 GithubOSV Importer Fixing VCID-1twr-du4b-h7h6 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/10/GHSA-x2gw-85w6-fjjw/GHSA-x2gw-85w6-fjjw.json 38.0.0