Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/yui@3.2.0
Typenpm
Namespace
Nameyui
Version3.2.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.11.0pr1
Latest_non_vulnerable_version3.11.0pr1
Affected_by_vulnerabilities
0
url VCID-3fdn-sk73-zqe2
vulnerability_id VCID-3fdn-sk73-zqe2
summary 
YUI Cross-site Scripting (XSS) vulnerability
Cross-site scripting (XSS) vulnerability in flashuploader.swf in the Uploader component in Yahoo! YUI 3.5.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other products, allows remote attackers to inject arbitrary web script or HTML via a crafted string in a URL.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-39678
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-39678
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4942
reference_id
reference_type
scores
0
value 0.00322
scoring_system epss
scoring_elements 0.55295
published_at 2026-05-14T12:55:00Z
1
value 0.00322
scoring_system epss
scoring_elements 0.55272
published_at 2026-04-21T12:55:00Z
2
value 0.00322
scoring_system epss
scoring_elements 0.55209
published_at 2026-04-24T12:55:00Z
3
value 0.00322
scoring_system epss
scoring_elements 0.5523
published_at 2026-04-26T12:55:00Z
4
value 0.00322
scoring_system epss
scoring_elements 0.55201
published_at 2026-04-29T12:55:00Z
5
value 0.00322
scoring_system epss
scoring_elements 0.55149
published_at 2026-05-05T12:55:00Z
6
value 0.00322
scoring_system epss
scoring_elements 0.55192
published_at 2026-05-07T12:55:00Z
7
value 0.00322
scoring_system epss
scoring_elements 0.55249
published_at 2026-05-09T12:55:00Z
8
value 0.00322
scoring_system epss
scoring_elements 0.5521
published_at 2026-05-11T12:55:00Z
9
value 0.00322
scoring_system epss
scoring_elements 0.55235
published_at 2026-05-12T12:55:00Z
10
value 0.00322
scoring_system epss
scoring_elements 0.55126
published_at 2026-04-01T12:55:00Z
11
value 0.00322
scoring_system epss
scoring_elements 0.55227
published_at 2026-04-02T12:55:00Z
12
value 0.00322
scoring_system epss
scoring_elements 0.55251
published_at 2026-04-13T12:55:00Z
13
value 0.00322
scoring_system epss
scoring_elements 0.55229
published_at 2026-04-07T12:55:00Z
14
value 0.00322
scoring_system epss
scoring_elements 0.55278
published_at 2026-04-08T12:55:00Z
15
value 0.00322
scoring_system epss
scoring_elements 0.55279
published_at 2026-04-09T12:55:00Z
16
value 0.00322
scoring_system epss
scoring_elements 0.5529
published_at 2026-04-16T12:55:00Z
17
value 0.00322
scoring_system epss
scoring_elements 0.5527
published_at 2026-04-12T12:55:00Z
18
value 0.00322
scoring_system epss
scoring_elements 0.55293
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4942
2
reference_url https://moodle.org/mod/forum/discuss.php?d=232496
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=232496
3
reference_url https://web.archive.org/web/20130909203912/http://yuilibrary.com/support/20130515-vulnerability
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130909203912/http://yuilibrary.com/support/20130515-vulnerability
4
reference_url https://yuilibrary.com/support/20130515-vulnerability/)
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements
url https://yuilibrary.com/support/20130515-vulnerability/)
5
reference_url https://github.com/nodejs/security-wg/blob/main/vuln/npm/332.json
reference_id 332
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements
url https://github.com/nodejs/security-wg/blob/main/vuln/npm/332.json
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4942
reference_id CVE-2013-4942
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4942
7
reference_url https://github.com/advisories/GHSA-9ww8-j8j2-3788
reference_id GHSA-9ww8-j8j2-3788
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9ww8-j8j2-3788
fixed_packages
0
url pkg:npm/yui@3.10.0pr1
purl pkg:npm/yui@3.10.0pr1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7pnw-f1rw-kydp
1
vulnerability VCID-bkcw-p2su-pkde
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/yui@3.10.0pr1
aliases CVE-2013-4942, GHSA-9ww8-j8j2-3788
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3fdn-sk73-zqe2
1
url VCID-kjwa-ezsm-pbg7
vulnerability_id VCID-kjwa-ezsm-pbg7
summary 
YUI Cross-site Scripting (XSS) vulnerability
Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 3.2.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other products, allows remote attackers to inject arbitrary web script or HTML via a crafted string in a URL.
references
0
reference_url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-39678
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-39678
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4941
reference_id
reference_type
scores
0
value 0.00322
scoring_system epss
scoring_elements 0.55295
published_at 2026-05-14T12:55:00Z
1
value 0.00322
scoring_system epss
scoring_elements 0.55272
published_at 2026-04-21T12:55:00Z
2
value 0.00322
scoring_system epss
scoring_elements 0.55209
published_at 2026-04-24T12:55:00Z
3
value 0.00322
scoring_system epss
scoring_elements 0.5523
published_at 2026-04-26T12:55:00Z
4
value 0.00322
scoring_system epss
scoring_elements 0.55201
published_at 2026-04-29T12:55:00Z
5
value 0.00322
scoring_system epss
scoring_elements 0.55149
published_at 2026-05-05T12:55:00Z
6
value 0.00322
scoring_system epss
scoring_elements 0.55192
published_at 2026-05-07T12:55:00Z
7
value 0.00322
scoring_system epss
scoring_elements 0.55249
published_at 2026-05-09T12:55:00Z
8
value 0.00322
scoring_system epss
scoring_elements 0.5521
published_at 2026-05-11T12:55:00Z
9
value 0.00322
scoring_system epss
scoring_elements 0.55235
published_at 2026-05-12T12:55:00Z
10
value 0.00322
scoring_system epss
scoring_elements 0.55126
published_at 2026-04-01T12:55:00Z
11
value 0.00322
scoring_system epss
scoring_elements 0.55227
published_at 2026-04-02T12:55:00Z
12
value 0.00322
scoring_system epss
scoring_elements 0.55251
published_at 2026-04-13T12:55:00Z
13
value 0.00322
scoring_system epss
scoring_elements 0.55229
published_at 2026-04-07T12:55:00Z
14
value 0.00322
scoring_system epss
scoring_elements 0.55278
published_at 2026-04-08T12:55:00Z
15
value 0.00322
scoring_system epss
scoring_elements 0.55279
published_at 2026-04-09T12:55:00Z
16
value 0.00322
scoring_system epss
scoring_elements 0.5529
published_at 2026-04-16T12:55:00Z
17
value 0.00322
scoring_system epss
scoring_elements 0.5527
published_at 2026-04-12T12:55:00Z
18
value 0.00322
scoring_system epss
scoring_elements 0.55293
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4941
2
reference_url https://moodle.org/mod/forum/discuss.php?d=232496
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://moodle.org/mod/forum/discuss.php?d=232496
3
reference_url https://web.archive.org/web/20130909203912/http://yuilibrary.com/support/20130515-vulnerability
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130909203912/http://yuilibrary.com/support/20130515-vulnerability
4
reference_url https://yuilibrary.com/support/20130515-vulnerability/)
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements
url https://yuilibrary.com/support/20130515-vulnerability/)
5
reference_url https://github.com/nodejs/security-wg/blob/main/vuln/npm/332.json
reference_id 332
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements
url https://github.com/nodejs/security-wg/blob/main/vuln/npm/332.json
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4941
reference_id CVE-2013-4941
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4941
7
reference_url https://github.com/advisories/GHSA-64r3-582j-frqm
reference_id GHSA-64r3-582j-frqm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-64r3-582j-frqm
fixed_packages
0
url pkg:npm/yui@3.10.0pr1
purl pkg:npm/yui@3.10.0pr1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7pnw-f1rw-kydp
1
vulnerability VCID-bkcw-p2su-pkde
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/yui@3.10.0pr1
aliases CVE-2013-4941, GHSA-64r3-582j-frqm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kjwa-ezsm-pbg7
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/yui@3.2.0