{"url":"http://public2.vulnerablecode.io/api/packages/56235?format=json","purl":"pkg:composer/truckersmp/phpwhois@4.3.1","type":"composer","namespace":"truckersmp","name":"phpwhois","version":"4.3.1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40132?format=json","vulnerability_id":"VCID-rrkv-3fw9-k7eq","summary":"Code Injection\nphpWhois allows remote attackers to execute arbitrary code via a crafted whois record.","references":[{"reference_url":"https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180425-01_phpWhois_Code_Execution","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/sbaresearch/advisories/tree/public/2018/SBA-ADV-20180425-01_phpWhois_Code_Execution"}],"fixed_packages":[],"aliases":["CVE-2015-5243"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rrkv-3fw9-k7eq"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/truckersmp/phpwhois@4.3.1"}