{"url":"http://public2.vulnerablecode.io/api/packages/56128?format=json","purl":"pkg:composer/symfony/symfony@2.7.33","type":"composer","namespace":"symfony","name":"symfony","version":"2.7.33","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.7.49","latest_non_vulnerable_version":"8.0.5","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40103?format=json","vulnerability_id":"VCID-3qct-gbgt-kkbb","summary":"Cross-site Scripting\nThe debug handler in Symfony has an XSS via an array key during exception pretty printing in `ExceptionHandler.php`, as demonstrated by a `/_debugbar/open?op`=get` URI.","references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-18343","reference_id":"CVE-2017-18343","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-18343"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/56128?format=json","purl":"pkg:composer/symfony/symfony@2.7.33","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.7.33"},{"url":"http://public2.vulnerablecode.io/api/packages/56129?format=json","purl":"pkg:composer/symfony/symfony@2.8.26","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.8.26"},{"url":"http://public2.vulnerablecode.io/api/packages/55844?format=json","purl":"pkg:composer/symfony/symfony@3.2.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-djnm-e9r4-c3f5"},{"vulnerability":"VCID-dsbx-q641-4fc7"},{"vulnerability":"VCID-xdtu-22ad-63aq"},{"vulnerability":"VCID-xj13-fspe-hfgv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@3.2.13"},{"url":"http://public2.vulnerablecode.io/api/packages/56130?format=json","purl":"pkg:composer/symfony/symfony@3.3.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@3.3.6"}],"aliases":["CVE-2017-18343"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3qct-gbgt-kkbb"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/symfony/symfony@2.7.33"}