VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/936579?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/936579?format=api",
    "purl": "pkg:npm/%40backstage/plugin-techdocs-node@1.13.10-next.0",
    "type": "npm",
    "namespace": "@backstage",
    "name": "plugin-techdocs-node",
    "version": "1.13.10-next.0",
    "qualifiers": {},
    "subpath": "",
    "is_vulnerable": true,
    "next_non_vulnerable_version": "1.14.3",
    "latest_non_vulnerable_version": "1.14.3",
    "affected_by_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73954?format=api",
            "vulnerability_id": "VCID-55sp-nuj7-nkf8",
            "summary": "Backstage is an open framework for building developer portals. Prior to version 1.14.3, this is a configuration bypass vulnerability that enables arbitrary code execution. The @backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml that causes arbitrary Python code execution, completely bypassing TechDocs' security controls. This issue has been patched in version 1.14.3.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29186.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "9.1",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29186.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-29186",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00038",
                            "scoring_system": "epss",
                            "scoring_elements": "0.11771",
                            "published_at": "2026-06-11T12:55:00Z"
                        },
                        {
                            "value": "0.00038",
                            "scoring_system": "epss",
                            "scoring_elements": "0.11831",
                            "published_at": "2026-06-14T12:55:00Z"
                        },
                        {
                            "value": "0.00038",
                            "scoring_system": "epss",
                            "scoring_elements": "0.11855",
                            "published_at": "2026-06-13T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-29186"
                },
                {
                    "reference_url": "https://backstage.io/docs/features/techdocs/architecture",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://backstage.io/docs/features/techdocs/architecture"
                },
                {
                    "reference_url": "https://github.com/backstage/backstage",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/backstage/backstage"
                },
                {
                    "reference_url": "https://www.mkdocs.org/about/release-notes/#version-14-2022-09-27",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://www.mkdocs.org/about/release-notes/#version-14-2022-09-27"
                },
                {
                    "reference_url": "https://www.mkdocs.org/user-guide/configuration/#hooks",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://www.mkdocs.org/user-guide/configuration/#hooks"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445480",
                    "reference_id": "2445480",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445480"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29186",
                    "reference_id": "CVE-2026-29186",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29186"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-928r-fm4v-mvrw",
                    "reference_id": "GHSA-928r-fm4v-mvrw",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-928r-fm4v-mvrw"
                },
                {
                    "reference_url": "https://github.com/backstage/backstage/security/advisories/GHSA-928r-fm4v-mvrw",
                    "reference_id": "GHSA-928r-fm4v-mvrw",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-09T20:15:04Z/"
                        }
                    ],
                    "url": "https://github.com/backstage/backstage/security/advisories/GHSA-928r-fm4v-mvrw"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:13826",
                    "reference_id": "RHSA-2026:13826",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:13826"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:9742",
                    "reference_id": "RHSA-2026:9742",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:9742"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/40222?format=api",
                    "purl": "pkg:npm/%40backstage/plugin-techdocs-node@1.14.3",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540backstage/plugin-techdocs-node@1.14.3"
                }
            ],
            "aliases": [
                "CVE-2026-29186",
                "GHSA-928r-fm4v-mvrw"
            ],
            "risk_score": 4.1,
            "exploitability": "0.5",
            "weighted_severity": "8.2",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-55sp-nuj7-nkf8"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66143?format=api",
            "vulnerability_id": "VCID-mdv6-fupk-dqgh",
            "summary": "Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, when TechDocs is configured with `runIn: local`, a malicious actor who can submit or modify a repository's `mkdocs.yml` file can execute arbitrary Python code on the TechDocs build server via MkDocs hooks configuration. @backstage/plugin-techdocs-node versions 1.13.11 and 1.14.1 contain a fix. The fix introduces an allowlist of supported MkDocs configuration keys. Unsupported configuration keys (including `hooks`) are now removed from `mkdocs.yml` before running the generator, with a warning logged to indicate which keys were removed. Users of `@techdocs/cli` should also upgrade to the latest version, which includes the fixed `@backstage/plugin-techdocs-node` dependency. Some workarounds are available. Configure TechDocs with `runIn: docker` instead of `runIn: local` to provide container isolation, though it does not fully mitigate the risk. Limit who can modify `mkdocs.yml` files in repositories that TechDocs processes; only allow trusted contributors. Implement PR review requirements for changes to `mkdocs.yml` files to detect malicious `hooks` configurations before they are merged. Use MkDocs < 1.4.0 (e.g., 1.3.1) which does not support hooks. Note: This may limit access to newer MkDocs features. Building documentation in CI/CD pipelines using `@techdocs/cli` does not mitigate this vulnerability, as the CLI uses the same vulnerable `@backstage/plugin-techdocs-node` package.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25153.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25153.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25153",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.0003",
                            "scoring_system": "epss",
                            "scoring_elements": "0.0906",
                            "published_at": "2026-06-14T12:55:00Z"
                        },
                        {
                            "value": "0.0003",
                            "scoring_system": "epss",
                            "scoring_elements": "0.09072",
                            "published_at": "2026-06-13T12:55:00Z"
                        },
                        {
                            "value": "0.0003",
                            "scoring_system": "epss",
                            "scoring_elements": "0.09026",
                            "published_at": "2026-06-11T12:55:00Z"
                        },
                        {
                            "value": "0.0003",
                            "scoring_system": "epss",
                            "scoring_elements": "0.0907",
                            "published_at": "2026-06-12T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25153"
                },
                {
                    "reference_url": "https://github.com/backstage/backstage",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/backstage/backstage"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2435576",
                    "reference_id": "2435576",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2435576"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25153",
                    "reference_id": "CVE-2026-25153",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25153"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-6jr7-99pf-8vgf",
                    "reference_id": "GHSA-6jr7-99pf-8vgf",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-6jr7-99pf-8vgf"
                },
                {
                    "reference_url": "https://github.com/backstage/backstage/security/advisories/GHSA-6jr7-99pf-8vgf",
                    "reference_id": "GHSA-6jr7-99pf-8vgf",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-02T16:25:14Z/"
                        }
                    ],
                    "url": "https://github.com/backstage/backstage/security/advisories/GHSA-6jr7-99pf-8vgf"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:6174",
                    "reference_id": "RHSA-2026:6174",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:6174"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2026:6802",
                    "reference_id": "RHSA-2026:6802",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2026:6802"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/38485?format=api",
                    "purl": "pkg:npm/%40backstage/plugin-techdocs-node@1.13.11",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-55sp-nuj7-nkf8"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540backstage/plugin-techdocs-node@1.13.11"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/38487?format=api",
                    "purl": "pkg:npm/%40backstage/plugin-techdocs-node@1.14.1",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-55sp-nuj7-nkf8"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540backstage/plugin-techdocs-node@1.14.1"
                }
            ],
            "aliases": [
                "CVE-2026-25153",
                "GHSA-6jr7-99pf-8vgf"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mdv6-fupk-dqgh"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66192?format=api",
            "vulnerability_id": "VCID-s1rt-8bjn-mba8",
            "summary": "Backstage is an open framework for building developer portals, and @backstage/plugin-techdocs-node provides common node.js functionalities for TechDocs. In versions of @backstage/plugin-techdocs-node prior to 1.13.11 and 1.14.1, a path traversal vulnerability in the TechDocs local generator allows attackers to read arbitrary files from the host filesystem when Backstage is configured with `techdocs.generator.runIn: local`. When processing documentation from untrusted sources, symlinks within the docs directory are followed by MkDocs during the build process. File contents are embedded into generated HTML and exposed to users who can view the documentation. This vulnerability is fixed in` @backstage/plugin-techdocs-node` versions 1.13.11 and 1.14.1. Some workarounds are available. Switch to `runIn: docker` in `app-config.yaml` and/or restrict write access to TechDocs source repositories to trusted users only.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25152.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25152.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25152",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00025",
                            "scoring_system": "epss",
                            "scoring_elements": "0.07558",
                            "published_at": "2026-06-14T12:55:00Z"
                        },
                        {
                            "value": "0.00025",
                            "scoring_system": "epss",
                            "scoring_elements": "0.07567",
                            "published_at": "2026-06-13T12:55:00Z"
                        },
                        {
                            "value": "0.00025",
                            "scoring_system": "epss",
                            "scoring_elements": "0.07537",
                            "published_at": "2026-06-11T12:55:00Z"
                        },
                        {
                            "value": "0.00025",
                            "scoring_system": "epss",
                            "scoring_elements": "0.07573",
                            "published_at": "2026-06-12T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25152"
                },
                {
                    "reference_url": "https://github.com/backstage/backstage",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/backstage/backstage"
                },
                {
                    "reference_url": "https://github.com/backstage/backstage/commit/08f388e3394b133171fe13b62a78caf14407b9c3",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/backstage/backstage/commit/08f388e3394b133171fe13b62a78caf14407b9c3"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2435575",
                    "reference_id": "2435575",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2435575"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25152",
                    "reference_id": "CVE-2026-25152",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25152"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-w669-jj7h-88m9",
                    "reference_id": "GHSA-w669-jj7h-88m9",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-w669-jj7h-88m9"
                },
                {
                    "reference_url": "https://github.com/backstage/backstage/security/advisories/GHSA-w669-jj7h-88m9",
                    "reference_id": "GHSA-w669-jj7h-88m9",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-02T16:25:13Z/"
                        }
                    ],
                    "url": "https://github.com/backstage/backstage/security/advisories/GHSA-w669-jj7h-88m9"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/38485?format=api",
                    "purl": "pkg:npm/%40backstage/plugin-techdocs-node@1.13.11",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-55sp-nuj7-nkf8"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540backstage/plugin-techdocs-node@1.13.11"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/38487?format=api",
                    "purl": "pkg:npm/%40backstage/plugin-techdocs-node@1.14.1",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-55sp-nuj7-nkf8"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540backstage/plugin-techdocs-node@1.14.1"
                }
            ],
            "aliases": [
                "CVE-2026-25152",
                "GHSA-w669-jj7h-88m9"
            ],
            "risk_score": 3.1,
            "exploitability": "0.5",
            "weighted_severity": "6.2",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s1rt-8bjn-mba8"
        }
    ],
    "fixing_vulnerabilities": [],
    "risk_score": "4.1",
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/%2540backstage/plugin-techdocs-node@1.13.10-next.0"
}

Package Instance