Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/438264?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/438264?format=api", "purl": "pkg:npm/materialize-css@0.95.3", "type": "npm", "namespace": "", "name": "materialize-css", "version": "0.95.3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/203436?format=api", "vulnerability_id": "VCID-6k67-sdgx-z7dp", "summary": "Materialize-css vulnerable to Cross-site Scripting in autocomplete component", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11003", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45273", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45124", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45274", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45286", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11003" }, { "reference_url": "https://github.com/Dogfalo/materialize", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Dogfalo/materialize" }, { "reference_url": "https://github.com/Dogfalo/materialize/issues/6286", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Dogfalo/materialize/issues/6286" }, { "reference_url": "https://github.com/materializecss/materialize/pull/49", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/materializecss/materialize/pull/49" }, { "reference_url": "https://snyk.io/vuln/SNYK-JS-MATERIALIZECSS-174144", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-JS-MATERIALIZECSS-174144" }, { "reference_url": "https://www.npmjs.com/advisories/817", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.npmjs.com/advisories/817" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11003", "reference_id": "CVE-2019-11003", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11003" }, { "reference_url": "https://github.com/advisories/GHSA-7752-f4gf-94gc", "reference_id": "GHSA-7752-f4gf-94gc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7752-f4gf-94gc" } ], "fixed_packages": [], "aliases": [ "CVE-2019-11003", "GHSA-7752-f4gf-94gc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6k67-sdgx-z7dp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/209229?format=api", "vulnerability_id": "VCID-c194-d5v4-zyc8", "summary": "materialize-css vulnerable to cross-site Scripting (XSS) due to improper escape of user input", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-25349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53986", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53861", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.5399", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.54003", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-25349" }, { "reference_url": "https://github.com/Dogfalo/materialize", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Dogfalo/materialize" }, { "reference_url": "https://github.com/Dogfalo/materialize/blob/v1-dev/js/autocomplete.js%23L285%20", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Dogfalo/materialize/blob/v1-dev/js/autocomplete.js%23L285%20" }, { "reference_url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2766498", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2766498" }, { "reference_url": "https://snyk.io/vuln/SNYK-JS-MATERIALIZECSS-2324800", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-JS-MATERIALIZECSS-2324800" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25349", "reference_id": "CVE-2022-25349", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25349" }, { "reference_url": "https://github.com/advisories/GHSA-7jvx-f994-rfw2", "reference_id": "GHSA-7jvx-f994-rfw2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7jvx-f994-rfw2" } ], "fixed_packages": [], "aliases": [ "CVE-2022-25349", "GHSA-7jvx-f994-rfw2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c194-d5v4-zyc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/203439?format=api", "vulnerability_id": "VCID-jgq1-w7aq-mkce", "summary": "Materialize-css vulnerable to Cross-site Scripting in tooltip component", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11002", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47943", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.481", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.48084", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11002" }, { "reference_url": "https://github.com/Dogfalo/materialize", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Dogfalo/materialize" }, { "reference_url": "https://github.com/Dogfalo/materialize/issues/6286", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Dogfalo/materialize/issues/6286" }, { "reference_url": "https://github.com/materializecss/materialize/pull/49", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/materializecss/materialize/pull/49" }, { "reference_url": "https://snyk.io/vuln/SNYK-JS-MATERIALIZECSS-174148", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-JS-MATERIALIZECSS-174148" }, { "reference_url": "https://www.npmjs.com/advisories/818", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.npmjs.com/advisories/818" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11002", "reference_id": "CVE-2019-11002", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11002" }, { "reference_url": "https://github.com/advisories/GHSA-98f7-p5rc-jx67", "reference_id": "GHSA-98f7-p5rc-jx67", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-98f7-p5rc-jx67" } ], "fixed_packages": [], "aliases": [ "CVE-2019-11002", "GHSA-98f7-p5rc-jx67" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jgq1-w7aq-mkce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/203434?format=api", "vulnerability_id": "VCID-x6mj-pc71-pbeh", "summary": "Materialize-css vulnerable to Improper Neutralization of Input During Web Page Generation", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11004", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.47943", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.481", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00244", "scoring_system": "epss", "scoring_elements": "0.48084", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11004" }, { "reference_url": "https://github.com/Dogfalo/materialize", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Dogfalo/materialize" }, { "reference_url": "https://github.com/Dogfalo/materialize/issues/6286", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Dogfalo/materialize/issues/6286" }, { "reference_url": "https://github.com/Dogfalo/materialize/issues/6331#issuecomment-549080183", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/Dogfalo/materialize/issues/6331#issuecomment-549080183" }, { "reference_url": "https://github.com/materializecss/materialize/pull/49", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/materializecss/materialize/pull/49" }, { "reference_url": "https://github.com/samschurter/materialize/commit/3aae4cc9bb2b58c337bf25d2f04f129a2a0fa78f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/samschurter/materialize/commit/3aae4cc9bb2b58c337bf25d2f04f129a2a0fa78f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11004", "reference_id": "CVE-2019-11004", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11004" }, { "reference_url": "https://github.com/advisories/GHSA-rg3q-jxmp-pvjj", "reference_id": "GHSA-rg3q-jxmp-pvjj", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rg3q-jxmp-pvjj" } ], "fixed_packages": [], "aliases": [ "CVE-2019-11004", "GHSA-rg3q-jxmp-pvjj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6mj-pc71-pbeh" } ], "fixing_vulnerabilities": [], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/materialize-css@0.95.3" }