{"url":"http://public2.vulnerablecode.io/api/packages/146248?format=json","purl":"pkg:npm/mongoose@2.5.13","type":"npm","namespace":"","name":"mongoose","version":"2.5.13","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.13.21","latest_non_vulnerable_version":"7.3.4","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/141502?format=json","vulnerability_id":"VCID-xs6e-v42x-4ub9","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17426","reference_id":"","reference_type":"","scores":[{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46929","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17426"},{"reference_url":"https://github.com/Automattic/mongoose","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Automattic/mongoose"},{"reference_url":"https://github.com/Automattic/mongoose/commit/f3eca5b94d822225c04e96cbeed9f095afb3c31c","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Automattic/mongoose/commit/f3eca5b94d822225c04e96cbeed9f095afb3c31c"},{"reference_url":"https://github.com/Automattic/mongoose/commit/f88eb2524b65a68ff893c90a03c04f0913c1913e","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Automattic/mongoose/commit/f88eb2524b65a68ff893c90a03c04f0913c1913e"},{"reference_url":"https://github.com/Automattic/mongoose/commits/4.13.21","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Automattic/mongoose/commits/4.13.21"},{"reference_url":"https://github.com/Automattic/mongoose/issues/8222","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Automattic/mongoose/issues/8222"},{"reference_url":"https://github.com/Automattic/mongoose/releases/tag/4.13.21","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Automattic/mongoose/releases/tag/4.13.21"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17426","reference_id":"CVE-2019-17426","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17426"},{"reference_url":"https://github.com/advisories/GHSA-8687-vv9j-hgph","reference_id":"GHSA-8687-vv9j-hgph","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8687-vv9j-hgph"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74314?format=json","purl":"pkg:npm/mongoose@4.13.21","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/mongoose@4.13.21"},{"url":"http://public2.vulnerablecode.io/api/packages/74313?format=json","purl":"pkg:npm/mongoose@5.7.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/mongoose@5.7.5"}],"aliases":["CVE-2019-17426","GHSA-8687-vv9j-hgph"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xs6e-v42x-4ub9"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/mongoose@2.5.13"}