{"url":"http://public2.vulnerablecode.io/api/packages/57700?format=json","purl":"pkg:composer/laravel/framework@5.4.15","type":"composer","namespace":"laravel","name":"framework","version":"5.4.15","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"5.4.16","latest_non_vulnerable_version":"9.32.0","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40857?format=json","vulnerability_id":"VCID-jmkc-rnwm-k7bk","summary":"SQL Injection\nLaravel is vulnerable to Error based SQL injection in `save.php` via `dhx_user` and `dhx_version` parameters.","references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-6330","reference_id":"CVE-2018-6330","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-6330"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/57701?format=json","purl":"pkg:composer/laravel/framework@5.4.16","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@5.4.16"}],"aliases":["CVE-2018-6330"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jmkc-rnwm-k7bk"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/laravel/framework@5.4.15"}