{"url":"http://public2.vulnerablecode.io/api/packages/54811?format=json","purl":"pkg:composer/magento/community-edition@2.1.0","type":"composer","namespace":"magento","name":"community-edition","version":"2.1.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.1.2","latest_non_vulnerable_version":"2.4.9-alpha3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40900?format=json","vulnerability_id":"VCID-7e2t-x8vb-b7gu","summary":"SQL Injection\nAn unauthenticated user can execute SQL statements that allow arbitrary read access to the underlying database.","references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7139","reference_id":"CVE-2019-7139","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7139"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57762?format=json","purl":"pkg:composer/magento/community-edition@2.1.17","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.17"},{"url":"http://public2.vulnerablecode.io/api/packages/57763?format=json","purl":"pkg:composer/magento/community-edition@2.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/57764?format=json","purl":"pkg:composer/magento/community-edition@2.3.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.1"}],"aliases":["CVE-2019-7139"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7e2t-x8vb-b7gu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39275?format=json","vulnerability_id":"VCID-yssg-z4sv-bfe7","summary":"Cross-Site Request Forgery (CSRF)\nMagento Community Edition and Enterprise Edition have CSRF resulting in deletion of a customer address from an address book, aka APPSEC-1433.","references":[{"reference_url":"https://magento.com/security/patches/magento-2010-and-212-security-update","reference_id":"","reference_type":"","scores":[],"url":"https://magento.com/security/patches/magento-2010-and-212-security-update"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-5301","reference_id":"CVE-2018-5301","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-5301"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/54813?format=json","purl":"pkg:composer/magento/community-edition@2.1.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.2"}],"aliases":["CVE-2018-5301"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yssg-z4sv-bfe7"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.1.0"}