Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/532008?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/532008?format=api", "purl": "pkg:composer/phpfastcache/phpfastcache@4.3.16", "type": "composer", "namespace": "phpfastcache", "name": "phpfastcache", "version": "4.3.16", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "6.1.5", "latest_non_vulnerable_version": "8.0.7", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41303?format=api", "vulnerability_id": "VCID-phxg-prth-dbah", "summary": "Exposure of Resource to Wrong Sphere\nPhpFastCache is a high-performance backend cache system (packagist package phpfastcache/phpfastcache). the `phpinfo()` can be exposed if the `/vendor` is not protected from public access. This is a rare situation today since the vendor directory is often located outside the web directory or protected via server rule (.htaccess, etc).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.47802", "scoring_system": "epss", "scoring_elements": "0.97772", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.47802", "scoring_system": "epss", "scoring_elements": "0.97773", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.47802", "scoring_system": "epss", "scoring_elements": "0.97767", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.47802", "scoring_system": "epss", "scoring_elements": "0.9777", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-37704" }, { "reference_url": "https://github.com/flextype/flextype/issues/567", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/flextype/flextype/issues/567" }, { "reference_url": "https://github.com/PHPSocialNetwork/phpfastcache/blob/master/CHANGELOG.md#807", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/PHPSocialNetwork/phpfastcache/blob/master/CHANGELOG.md#807" }, { "reference_url": "https://github.com/PHPSocialNetwork/phpfastcache/commit/41a77d0d8f126dbd6fbedcd9e6a82e86cdaafa51", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/PHPSocialNetwork/phpfastcache/commit/41a77d0d8f126dbd6fbedcd9e6a82e86cdaafa51" }, { "reference_url": "https://github.com/PHPSocialNetwork/phpfastcache/pull/813", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/PHPSocialNetwork/phpfastcache/pull/813" }, { "reference_url": "https://github.com/PHPSocialNetwork/phpfastcache/pull/814", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/PHPSocialNetwork/phpfastcache/pull/814" }, { "reference_url": "https://github.com/PHPSocialNetwork/phpfastcache/pull/815", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/PHPSocialNetwork/phpfastcache/pull/815" }, { "reference_url": "https://github.com/PHPSocialNetwork/phpfastcache/security/advisories/GHSA-cvh5-p6r6-g2qc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/PHPSocialNetwork/phpfastcache/security/advisories/GHSA-cvh5-p6r6-g2qc" }, { "reference_url": "https://packagist.org/packages/phpfastcache/phpfastcache", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://packagist.org/packages/phpfastcache/phpfastcache" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37704", "reference_id": "CVE-2021-37704", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37704" }, { "reference_url": "https://github.com/advisories/GHSA-cvh5-p6r6-g2qc", "reference_id": "GHSA-cvh5-p6r6-g2qc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cvh5-p6r6-g2qc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/58663?format=api", "purl": "pkg:composer/phpfastcache/phpfastcache@6.1.5", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpfastcache/phpfastcache@6.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/532048?format=api", "purl": "pkg:composer/phpfastcache/phpfastcache@7.0.0-RC", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpfastcache/phpfastcache@7.0.0-RC" }, { "url": "http://public2.vulnerablecode.io/api/packages/58664?format=api", "purl": "pkg:composer/phpfastcache/phpfastcache@7.1.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpfastcache/phpfastcache@7.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/532056?format=api", "purl": "pkg:composer/phpfastcache/phpfastcache@8.0.0-alpha", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpfastcache/phpfastcache@8.0.0-alpha" }, { "url": "http://public2.vulnerablecode.io/api/packages/58665?format=api", "purl": "pkg:composer/phpfastcache/phpfastcache@8.0.7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpfastcache/phpfastcache@8.0.7" } ], "aliases": [ "CVE-2021-37704", "GHSA-cvh5-p6r6-g2qc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-phxg-prth-dbah" } ], "fixing_vulnerabilities": [], "risk_score": "3.1", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/phpfastcache/phpfastcache@4.3.16" }