{"url":"http://public2.vulnerablecode.io/api/packages/53565?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@3.0.1","type":"composer","namespace":"squizlabs","name":"php_codesniffer","version":"3.0.1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38611?format=json","vulnerability_id":"VCID-5sk2-ygqs-pbgh","summary":"Shell command injection\nA properly crafted filename would allow for arbitrary code execution when using the `--filter=gitmodified` command line option","references":[{"reference_url":"https://github.com/squizlabs/PHP_CodeSniffer/commit/7ce7bb942f5667724e81a3ea99e805a30be6c05b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/squizlabs/PHP_CodeSniffer/commit/7ce7bb942f5667724e81a3ea99e805a30be6c05b"},{"reference_url":"https://github.com/squizlabs/PHP_CodeSniffer/releases/tag/3.0.1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/squizlabs/PHP_CodeSniffer/releases/tag/3.0.1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/53565?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@3.0.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@3.0.1"}],"aliases":["GMS-2017-132"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5sk2-ygqs-pbgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42790?format=json","vulnerability_id":"VCID-f2su-dgp1-yyas","summary":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\nA properly crafted filename would allow for arbitrary code execution when using the `--filter=gitmodified` command line option.","references":[{"reference_url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/squizlabs/php_codesniffer/2017-05-18.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/FriendsOfPHP/security-advisories/blob/master/squizlabs/php_codesniffer/2017-05-18.yaml"},{"reference_url":"https://github.com/squizlabs/PHP_CodeSniffer/releases/tag/3.0.1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/squizlabs/PHP_CodeSniffer/releases/tag/3.0.1"},{"reference_url":"https://github.com/advisories/GHSA-3988-h75v-hwf6","reference_id":"GHSA-3988-h75v-hwf6","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3988-h75v-hwf6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/53565?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@3.0.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@3.0.1"}],"aliases":["GHSA-3988-h75v-hwf6","GMS-2022-513"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f2su-dgp1-yyas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38619?format=json","vulnerability_id":"VCID-hjjc-1dse-jqfm","summary":"Code Injection\nArbitrary shell execution in php_codesniffer.","references":[{"reference_url":"https://github.com/squizlabs/PHP_CodeSniffer/releases/tag/3.0.1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/squizlabs/PHP_CodeSniffer/releases/tag/3.0.1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/53565?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@3.0.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@3.0.1"}],"aliases":["GMS-2017-345"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hjjc-1dse-jqfm"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@3.0.1"}