{"url":"http://public2.vulnerablecode.io/api/packages/5172?format=json","purl":"pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2","type":"deb","namespace":"debian","name":"roundcube","version":"1.3.17+dfsg.1-1~deb10u2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.4.15+dfsg.1-1+deb11u4","latest_non_vulnerable_version":"1.4.15+dfsg.1-1+deb11u4","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5771?format=json","vulnerability_id":"VCID-a834-nxqm-afgv","summary":"cross-site scripting","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35730"},{"reference_url":"https://security.archlinux.org/ASA-202101-2","reference_id":"ASA-202101-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-2"},{"reference_url":"https://security.archlinux.org/AVG-1388","reference_id":"AVG-1388","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1388"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5924?format=json","purl":"pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4"}],"aliases":["CVE-2020-35730"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a834-nxqm-afgv"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6305?format=json","vulnerability_id":"VCID-68q2-s29g-qqgh","summary":"arbitrary command execution","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9846"},{"reference_url":"https://security.archlinux.org/ASA-201804-8","reference_id":"ASA-201804-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201804-8"},{"reference_url":"https://security.archlinux.org/AVG-670","reference_id":"AVG-670","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-670"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5071?format=json","purl":"pkg:deb/debian/roundcube@1.2.3%2Bdfsg.1-4%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-68q2-s29g-qqgh"},{"vulnerability":"VCID-a834-nxqm-afgv"},{"vulnerability":"VCID-f77z-fx6y-6kbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.2.3%252Bdfsg.1-4%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5172?format=json","purl":"pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a834-nxqm-afgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2"}],"aliases":["CVE-2018-9846"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-68q2-s29g-qqgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5771?format=json","vulnerability_id":"VCID-a834-nxqm-afgv","summary":"cross-site scripting","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35730"},{"reference_url":"https://security.archlinux.org/ASA-202101-2","reference_id":"ASA-202101-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-2"},{"reference_url":"https://security.archlinux.org/AVG-1388","reference_id":"AVG-1388","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1388"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5172?format=json","purl":"pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a834-nxqm-afgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5924?format=json","purl":"pkg:deb/debian/roundcube@1.4.15%2Bdfsg.1-1%2Bdeb11u4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.4.15%252Bdfsg.1-1%252Bdeb11u4"}],"aliases":["CVE-2020-35730"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a834-nxqm-afgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6398?format=json","vulnerability_id":"VCID-f77z-fx6y-6kbq","summary":"arbitrary filesystem access","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16651"},{"reference_url":"https://security.archlinux.org/ASA-201711-27","reference_id":"ASA-201711-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-27"},{"reference_url":"https://security.archlinux.org/AVG-506","reference_id":"AVG-506","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-506"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5071?format=json","purl":"pkg:deb/debian/roundcube@1.2.3%2Bdfsg.1-4%2Bdeb9u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-68q2-s29g-qqgh"},{"vulnerability":"VCID-a834-nxqm-afgv"},{"vulnerability":"VCID-f77z-fx6y-6kbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.2.3%252Bdfsg.1-4%252Bdeb9u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5172?format=json","purl":"pkg:deb/debian/roundcube@1.3.17%2Bdfsg.1-1~deb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a834-nxqm-afgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2"}],"aliases":["CVE-2017-16651"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f77z-fx6y-6kbq"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/roundcube@1.3.17%252Bdfsg.1-1~deb10u2"}