Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/webpack-subresource-integrity@1.0.2
Typenpm
Namespace
Namewebpack-subresource-integrity
Version1.0.2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.5.1
Latest_non_vulnerable_version1.5.1
Affected_by_vulnerabilities
0
url VCID-m3a9-jb5b-fff3
vulnerability_id VCID-m3a9-jb5b-fff3
summary 
Insufficient Verification of Data Authenticity
In webpack-subresource-integrity, all dynamically loaded chunks receive an invalid integrity hash that is ignored by the browser, and therefore the browser cannot validate their integrity. This removes the additional level of protection offered by SRI for such chunks. Top-level chunks are unaffected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15262
reference_id
reference_type
scores
0
value 0.00159
scoring_system epss
scoring_elements 0.36497
published_at 2026-06-04T12:55:00Z
1
value 0.00159
scoring_system epss
scoring_elements 0.36526
published_at 2026-06-08T12:55:00Z
2
value 0.00159
scoring_system epss
scoring_elements 0.36562
published_at 2026-06-07T12:55:00Z
3
value 0.00159
scoring_system epss
scoring_elements 0.36599
published_at 2026-06-06T12:55:00Z
4
value 0.00159
scoring_system epss
scoring_elements 0.36591
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15262
1
reference_url https://github.com/waysact/webpack-subresource-integrity
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/waysact/webpack-subresource-integrity
2
reference_url https://github.com/waysact/webpack-subresource-integrity/commit/3d7090c08c333fcfb10ad9e2d6cf72e2acb7d87f
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/waysact/webpack-subresource-integrity/commit/3d7090c08c333fcfb10ad9e2d6cf72e2acb7d87f
3
reference_url https://github.com/waysact/webpack-subresource-integrity/issues/131
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/waysact/webpack-subresource-integrity/issues/131
4
reference_url https://github.com/waysact/webpack-subresource-integrity/security/advisories/GHSA-4fc4-chg7-h8gh
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/waysact/webpack-subresource-integrity/security/advisories/GHSA-4fc4-chg7-h8gh
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-15262
reference_id CVE-2020-15262
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-15262
6
reference_url https://github.com/advisories/GHSA-4fc4-chg7-h8gh
reference_id GHSA-4fc4-chg7-h8gh
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4fc4-chg7-h8gh
fixed_packages
0
url pkg:npm/webpack-subresource-integrity@1.5.1
purl pkg:npm/webpack-subresource-integrity@1.5.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/webpack-subresource-integrity@1.5.1
aliases CVE-2020-15262, GHSA-4fc4-chg7-h8gh
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3a9-jb5b-fff3
Fixing_vulnerabilities
Risk_score1.6
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/webpack-subresource-integrity@1.0.2