{"url":"http://public2.vulnerablecode.io/api/packages/24990?format=json","purl":"pkg:pypi/asterix-decoder@0.4.2","type":"pypi","namespace":"","name":"asterix-decoder","version":"0.4.2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"0.7.2","latest_non_vulnerable_version":"0.7.2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35912?format=json","vulnerability_id":"VCID-92t2-jqm4-d7b5","summary":"Croatia Control Asterix 2.8.1 (python_v0.7.2) has a heap-based buffer over-read, with additional details to be disclosed at a later date.","references":[{"reference_url":"https://github.com/croatiacontrolltd/asterix/commit/3f765d387d239ccc44e278a2ffa600fb6a6587f9","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/croatiacontrolltd/asterix/commit/3f765d387d239ccc44e278a2ffa600fb6a6587f9"},{"reference_url":"https://github.com/CroatiaControlLtd/asterix/issues/183","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/CroatiaControlLtd/asterix/issues/183"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/25010?format=json","purl":"pkg:pypi/asterix-decoder@0.7.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/asterix-decoder@0.7.2"}],"aliases":["CVE-2021-44144","PYSEC-2021-860"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-92t2-jqm4-d7b5"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/asterix-decoder@0.4.2"}