{"url":"http://public2.vulnerablecode.io/api/packages/27819?format=json","purl":"pkg:composer/ibexa/graphql@4.2.3","type":"composer","namespace":"ibexa","name":"graphql","version":"4.2.3","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/211504?format=json","vulnerability_id":"VCID-jy2j-s717-47gn","summary":"GraphQL queries can expose password hashes","references":[{"reference_url":"https://github.com/ibexa/graphql","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ibexa/graphql"},{"reference_url":"https://github.com/ibexa/graphql/commit/5ae5fb4d1d292ddde8528e040ef8a7c8dd7f9c6d","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ibexa/graphql/commit/5ae5fb4d1d292ddde8528e040ef8a7c8dd7f9c6d"},{"reference_url":"https://github.com/advisories/GHSA-3p7g-wrgg-wq45","reference_id":"GHSA-3p7g-wrgg-wq45","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3p7g-wrgg-wq45"},{"reference_url":"https://github.com/ibexa/graphql/security/advisories/GHSA-3p7g-wrgg-wq45","reference_id":"GHSA-3p7g-wrgg-wq45","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ibexa/graphql/security/advisories/GHSA-3p7g-wrgg-wq45"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27821?format=json","purl":"pkg:composer/ibexa/graphql@2.5.31","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/ibexa/graphql@2.5.31"},{"url":"http://public2.vulnerablecode.io/api/packages/27823?format=json","purl":"pkg:composer/ibexa/graphql@3.3.28","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/ibexa/graphql@3.3.28"},{"url":"http://public2.vulnerablecode.io/api/packages/27819?format=json","purl":"pkg:composer/ibexa/graphql@4.2.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/ibexa/graphql@4.2.3"}],"aliases":["GHSA-3p7g-wrgg-wq45"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jy2j-s717-47gn"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/ibexa/graphql@4.2.3"}