{"url":"http://public2.vulnerablecode.io/api/packages/3583?format=json","purl":"pkg:alpm/archlinux/python-lxml@4.6.4-3","type":"alpm","namespace":"archlinux","name":"python-lxml","version":"4.6.4-3","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.6.5-1","latest_non_vulnerable_version":"4.6.5-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6959?format=json","vulnerability_id":"VCID-47q5-tf6f-3kas","summary":"cross-site scripting","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43818","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43818"},{"reference_url":"https://github.com/lxml/lxml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/lxml/lxml"},{"reference_url":"https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a"},{"reference_url":"https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/lxml/lxml/commit/a3eacbc0dcf1de1c822ec29fb7d090a4b1712a9c#diff-59130575b4fb2932c957db2922977d7d89afb0b2085357db1a14615a2fcad776"},{"reference_url":"https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0"},{"reference_url":"https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2021-852.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2021-852.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00037.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00037.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUIS2KE3HZ2AAQKXFLTJFZPP2IFHJTC7","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUIS2KE3HZ2AAQKXFLTJFZPP2IFHJTC7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V2XMOM5PFT6U5AAXY6EFNT5JZCKKHK2V","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V2XMOM5PFT6U5AAXY6EFNT5JZCKKHK2V"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGNET2A4WGLSUXLBFYKNC5PXHQMI3I7","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGNET2A4WGLSUXLBFYKNC5PXHQMI3I7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4SPKJX3RRJK4UWA6FXCRHD2TVRQI44"},{"reference_url":"https://security.gentoo.org/glsa/202208-06","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-06"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220107-0005","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20220107-0005"},{"reference_url":"https://www.debian.org/security/2022/dsa-5043","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2022/dsa-5043"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://security.archlinux.org/AVG-2629","reference_id":"AVG-2629","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2629"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43818","reference_id":"CVE-2021-43818","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43818"},{"reference_url":"https://github.com/advisories/GHSA-55x5-fj6c-h6m8","reference_id":"GHSA-55x5-fj6c-h6m8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-55x5-fj6c-h6m8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/3584?format=json","purl":"pkg:alpm/archlinux/python-lxml@4.6.5-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/python-lxml@4.6.5-1"}],"aliases":["CVE-2021-43818","GHSA-55x5-fj6c-h6m8","PYSEC-2021-852"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-47q5-tf6f-3kas"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/python-lxml@4.6.4-3"}