{"url":"http://public2.vulnerablecode.io/api/packages/59685?format=json","purl":"pkg:composer/showdoc/showdoc@2.9.13","type":"composer","namespace":"showdoc","name":"showdoc","version":"2.9.13","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.10.0","latest_non_vulnerable_version":"2.10.4","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41791?format=json","vulnerability_id":"VCID-6jnb-hve3-uqhn","summary":"showdoc is vulnerable to Cross-Site Request Forgery (CSRF)","references":[{"reference_url":"https://github.com/star7th/showdoc/commit/654e871a3923e79076818a9a03533fe88222c871","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/star7th/showdoc/commit/654e871a3923e79076818a9a03533fe88222c871"},{"reference_url":"https://huntr.dev/bounties/0aa84736-139b-4ae7-becf-604f7f60b1c9","reference_id":"","reference_type":"","scores":[],"url":"https://huntr.dev/bounties/0aa84736-139b-4ae7-becf-604f7f60b1c9"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3993","reference_id":"CVE-2021-3993","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3993"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/59685?format=json","purl":"pkg:composer/showdoc/showdoc@2.9.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/showdoc/showdoc@2.9.13"}],"aliases":["CVE-2021-3993"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6jnb-hve3-uqhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41793?format=json","vulnerability_id":"VCID-bpyz-tsky-t7dy","summary":"URL Redirection to Untrusted Site ('Open Redirect')\nshowdoc is vulnerable to URL Redirection to Untrusted Site","references":[{"reference_url":"https://github.com/star7th/showdoc/commit/335afc7ed6d6627c3d0434aa9acc168c77117614","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/star7th/showdoc/commit/335afc7ed6d6627c3d0434aa9acc168c77117614"},{"reference_url":"https://huntr.dev/bounties/ffc61eff-efea-42c5-92c2-e043fdf904d5","reference_id":"","reference_type":"","scores":[],"url":"https://huntr.dev/bounties/ffc61eff-efea-42c5-92c2-e043fdf904d5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3989","reference_id":"CVE-2021-3989","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3989"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/59685?format=json","purl":"pkg:composer/showdoc/showdoc@2.9.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/showdoc/showdoc@2.9.13"}],"aliases":["CVE-2021-3989"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bpyz-tsky-t7dy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41794?format=json","vulnerability_id":"VCID-nqnp-wv88-w7be","summary":"showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)","references":[{"reference_url":"https://github.com/star7th/showdoc/commit/a9886f26c08225e0adca75c67dfca3f7c42b87d0","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/star7th/showdoc/commit/a9886f26c08225e0adca75c67dfca3f7c42b87d0"},{"reference_url":"https://huntr.dev/bounties/0680067d-56a7-4412-b06e-a267e850ae9f","reference_id":"","reference_type":"","scores":[],"url":"https://huntr.dev/bounties/0680067d-56a7-4412-b06e-a267e850ae9f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3990","reference_id":"CVE-2021-3990","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3990"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/59685?format=json","purl":"pkg:composer/showdoc/showdoc@2.9.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/showdoc/showdoc@2.9.13"}],"aliases":["CVE-2021-3990"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nqnp-wv88-w7be"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41783?format=json","vulnerability_id":"VCID-rsa3-88rf-z7bu","summary":"showdoc is vulnerable to Cross-Site Request Forgery (CSRF)","references":[{"reference_url":"https://github.com/star7th/showdoc/commit/654e871a3923e79076818a9a03533fe88222c871","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/star7th/showdoc/commit/654e871a3923e79076818a9a03533fe88222c871"},{"reference_url":"https://huntr.dev/bounties/1d8439e8-b3f7-40f8-8b30-f9cb05ff2bcd","reference_id":"","reference_type":"","scores":[],"url":"https://huntr.dev/bounties/1d8439e8-b3f7-40f8-8b30-f9cb05ff2bcd"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-4017","reference_id":"CVE-2021-4017","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-4017"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/59685?format=json","purl":"pkg:composer/showdoc/showdoc@2.9.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/showdoc/showdoc@2.9.13"}],"aliases":["CVE-2021-4017"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rsa3-88rf-z7bu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/showdoc/showdoc@2.9.13"}