Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/533563?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/533563?format=api", "purl": "pkg:npm/convert-svg-core@0.3.1", "type": "npm", "namespace": "", "name": "convert-svg-core", "version": "0.3.1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "0.6.4", "latest_non_vulnerable_version": "0.6.4", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210742?format=api", "vulnerability_id": "VCID-m2gu-p5ck-nugz", "summary": "Code injection via SVG file in convert-svg-core", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24429", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.5045", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50317", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50455", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.50469", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24429" }, { "reference_url": "https://github.com/neocotic/convert-svg", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/neocotic/convert-svg" }, { "reference_url": "https://github.com/neocotic/convert-svg/commit/a43dffaab0f1e419d5be84e2e7356b86ffac3cf1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/neocotic/convert-svg/commit/a43dffaab0f1e419d5be84e2e7356b86ffac3cf1" }, { "reference_url": "https://github.com/neocotic/convert-svg/issues/84", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/neocotic/convert-svg/issues/84" }, { "reference_url": "https://snyk.io/vuln/SNYK-JS-CONVERTSVGCORE-2859212", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-JS-CONVERTSVGCORE-2859212" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24429", "reference_id": "CVE-2022-24429", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24429" }, { "reference_url": "https://github.com/advisories/GHSA-54px-mhwv-5v8x", "reference_id": "GHSA-54px-mhwv-5v8x", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-54px-mhwv-5v8x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24491?format=api", "purl": "pkg:npm/convert-svg-core@0.6.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-y1w8-4pyp-5kc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/convert-svg-core@0.6.3" } ], "aliases": [ "CVE-2022-24429", "GHSA-54px-mhwv-5v8x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m2gu-p5ck-nugz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/211066?format=api", "vulnerability_id": "VCID-n32t-14pd-bycq", "summary": "convert-svg-core vulnerable to remote code injection", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-25759", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02015", "scoring_system": "epss", "scoring_elements": "0.84163", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02015", "scoring_system": "epss", "scoring_elements": "0.84106", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02015", "scoring_system": "epss", "scoring_elements": "0.84166", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.02015", "scoring_system": "epss", "scoring_elements": "0.84171", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-25759" }, { "reference_url": "https://github.com/neocotic/convert-svg", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/neocotic/convert-svg" }, { "reference_url": "https://github.com/neocotic/convert-svg/commit/7e6031ac7427cf82cf312cb4a25040f2e6efe7a5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/neocotic/convert-svg/commit/7e6031ac7427cf82cf312cb4a25040f2e6efe7a5" }, { "reference_url": "https://github.com/neocotic/convert-svg/issues/81", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/neocotic/convert-svg/issues/81" }, { "reference_url": "https://github.com/neocotic/convert-svg/pull/82", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/neocotic/convert-svg/pull/82" }, { "reference_url": "https://security.snyk.io/vuln/SNYK-JS-CONVERTSVGCORE-2849633", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.snyk.io/vuln/SNYK-JS-CONVERTSVGCORE-2849633" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25759", "reference_id": "CVE-2022-25759", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25759" }, { "reference_url": "https://github.com/advisories/GHSA-5gxc-fxcr-9326", "reference_id": "GHSA-5gxc-fxcr-9326", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5gxc-fxcr-9326" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/25470?format=api", "purl": "pkg:npm/convert-svg-core@0.6.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-m2gu-p5ck-nugz" }, { "vulnerability": "VCID-y1w8-4pyp-5kc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/convert-svg-core@0.6.2" } ], "aliases": [ "CVE-2022-25759", "GHSA-5gxc-fxcr-9326" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n32t-14pd-bycq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/207556?format=api", "vulnerability_id": "VCID-xuuy-neyq-b7gc", "summary": "Path Traversal in convert-svg packages", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00386", "scoring_system": "epss", "scoring_elements": "0.60331", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00386", "scoring_system": "epss", "scoring_elements": "0.60224", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00386", "scoring_system": "epss", "scoring_elements": "0.60335", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00386", "scoring_system": "epss", "scoring_elements": "0.60342", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-23631" }, { "reference_url": "https://gist.github.com/legndery/a248350bb25b8502a03c2f407cedeb14", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gist.github.com/legndery/a248350bb25b8502a03c2f407cedeb14" }, { "reference_url": "https://github.com/neocotic/convert-svg", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/neocotic/convert-svg" }, { "reference_url": "https://snyk.io/vuln/SNYK-JS-CONVERTSVGCORE-1582785", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-JS-CONVERTSVGCORE-1582785" }, { "reference_url": "https://snyk.io/vuln/SNYK-JS-CONVERTSVGTOJPEG-2348245", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-JS-CONVERTSVGTOJPEG-2348245" }, { "reference_url": "https://snyk.io/vuln/SNYK-JS-CONVERTSVGTOPNG-2348244", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-JS-CONVERTSVGTOPNG-2348244" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23631", "reference_id": "CVE-2021-23631", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23631" }, { "reference_url": "https://github.com/advisories/GHSA-jv7g-9g6q-cxvw", "reference_id": "GHSA-jv7g-9g6q-cxvw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jv7g-9g6q-cxvw" } ], "fixed_packages": [], "aliases": [ "CVE-2021-23631", "GHSA-jv7g-9g6q-cxvw" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xuuy-neyq-b7gc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210747?format=api", "vulnerability_id": "VCID-y1w8-4pyp-5kc5", "summary": "Directory traversal in convert-svg-core", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24278", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.73189", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.73112", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.73202", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00729", "scoring_system": "epss", "scoring_elements": "0.73205", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24278" }, { "reference_url": "https://github.com/neocotic/convert-svg", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/neocotic/convert-svg" }, { "reference_url": "https://github.com/neocotic/convert-svg/commit/2bbc498c5029238637206661dbac9e44d37d17c5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/neocotic/convert-svg/commit/2bbc498c5029238637206661dbac9e44d37d17c5" }, { "reference_url": "https://github.com/neocotic/convert-svg/issues/86", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/neocotic/convert-svg/issues/86" }, { "reference_url": "https://github.com/neocotic/convert-svg/pull/87", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/neocotic/convert-svg/pull/87" }, { "reference_url": "https://snyk.io/vuln/SNYK-JS-CONVERTSVGCORE-2859830", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://snyk.io/vuln/SNYK-JS-CONVERTSVGCORE-2859830" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24278", "reference_id": "CVE-2022-24278", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24278" }, { "reference_url": "https://github.com/advisories/GHSA-5f47-rcg5-9m24", "reference_id": "GHSA-5f47-rcg5-9m24", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5f47-rcg5-9m24" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/24501?format=api", "purl": "pkg:npm/convert-svg-core@0.6.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/convert-svg-core@0.6.4" } ], "aliases": [ "CVE-2022-24278", "GHSA-5f47-rcg5-9m24" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y1w8-4pyp-5kc5" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/convert-svg-core@0.3.1" }