{"url":"http://public2.vulnerablecode.io/api/packages/114997?format=json","purl":"pkg:rpm/redhat/rh-nodejs4-nodejs-minimatch@3.0.2-1?arch=el6","type":"rpm","namespace":"redhat","name":"rh-nodejs4-nodejs-minimatch","version":"3.0.2-1","qualifiers":{"arch":"el6"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85056?format=json","vulnerability_id":"VCID-9wmz-6yty-b3g5","summary":"nodejs-minimatch: Regular expression denial-of-service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000023.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000023.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348509","reference_id":"1348509","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348509"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1000023","reference_id":"CVE-2016-1000023","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1000023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1582","reference_id":"RHSA-2016:1582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1583","reference_id":"RHSA-2016:1583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1605","reference_id":"RHSA-2016:1605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1605"}],"fixed_packages":[],"aliases":["CVE-2016-1000023"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9wmz-6yty-b3g5"}],"fixing_vulnerabilities":[],"risk_score":"2.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-nodejs4-nodejs-minimatch@3.0.2-1%3Farch=el6"}