{"url":"http://public2.vulnerablecode.io/api/packages/58641?format=json","purl":"pkg:composer/yiisoft/yii2-dev@2.0.43","type":"composer","namespace":"yiisoft","name":"yii2-dev","version":"2.0.43","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.0.46","latest_non_vulnerable_version":"2.0.46","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41296?format=json","vulnerability_id":"VCID-6rub-m94d-jfct","summary":"Use of Insufficiently Random Values\nyii2 is vulnerable to use of predictable algorithm in a random number generator","references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3689","reference_id":"CVE-2021-3689","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3689"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58641?format=json","purl":"pkg:composer/yiisoft/yii2-dev@2.0.43","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2-dev@2.0.43"}],"aliases":["CVE-2021-3689"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6rub-m94d-jfct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41294?format=json","vulnerability_id":"VCID-gb9u-t143-vker","summary":"Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)\nyii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator","references":[{"reference_url":"https://huntr.dev/bounties/55517f19-5c28-4db2-8b00-f78f841e8aba","reference_id":"","reference_type":"","scores":[],"url":"https://huntr.dev/bounties/55517f19-5c28-4db2-8b00-f78f841e8aba"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3692","reference_id":"CVE-2021-3692","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3692"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/58641?format=json","purl":"pkg:composer/yiisoft/yii2-dev@2.0.43","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2-dev@2.0.43"}],"aliases":["CVE-2021-3692"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gb9u-t143-vker"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/yiisoft/yii2-dev@2.0.43"}