{"url":"http://public2.vulnerablecode.io/api/packages/201256?format=json","purl":"pkg:composer/laravel/socialite@2.0.4","type":"composer","namespace":"laravel","name":"socialite","version":"2.0.4","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.0.10","latest_non_vulnerable_version":"2.0.10","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37890?format=json","vulnerability_id":"VCID-21qc-541p-jug6","summary":"State guessing vulnerability.","references":[{"reference_url":"https://github.com/laravel/socialite/pull/93","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/laravel/socialite/pull/93"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52337?format=json","purl":"pkg:composer/laravel/socialite@2.0.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/laravel/socialite@2.0.10"}],"aliases":["GMS-2015-69"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-21qc-541p-jug6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37889?format=json","vulnerability_id":"VCID-ezec-rkuz-wuff","summary":"Insecure state generation\nState is not pulled of the session, and can be guessed later.","references":[{"reference_url":"https://github.com/laravel/socialite/pull/93","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/laravel/socialite/pull/93"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52337?format=json","purl":"pkg:composer/laravel/socialite@2.0.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/laravel/socialite@2.0.10"}],"aliases":["GMS-2015-16"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ezec-rkuz-wuff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37885?format=json","vulnerability_id":"VCID-nttt-2yjf-h3f7","summary":"Insecure state generation.","references":[{"reference_url":"https://github.com/laravel/socialite/pull/91","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/laravel/socialite/pull/91"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/52328?format=json","purl":"pkg:composer/laravel/socialite@2.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-21qc-541p-jug6"},{"vulnerability":"VCID-ezec-rkuz-wuff"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/laravel/socialite@2.0.9"}],"aliases":["GMS-2015-68"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nttt-2yjf-h3f7"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/laravel/socialite@2.0.4"}