{"url":"http://public2.vulnerablecode.io/api/packages/96717?format=json","purl":"pkg:deb/debian/node-sanitize-html@2.7.1%2B~2.6.2-1?distro=trixie","type":"deb","namespace":"debian","name":"node-sanitize-html","version":"2.7.1+~2.6.2-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0","latest_non_vulnerable_version":"2.17.0+~2.16.1-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/211273?format=json","vulnerability_id":"VCID-jry7-364q-3bgh","summary":"Sanitize-html Vulnerable To REDoS Attacks","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25887","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26744","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25887"},{"reference_url":"https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c"},{"reference_url":"https://github.com/apostrophecms/sanitize-html/pull/557","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/apostrophecms/sanitize-html/pull/557"},{"reference_url":"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102","reference_id":"","reference_type":"","scores":[],"url":"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102"},{"reference_url":"https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526","reference_id":"","reference_type":"","scores":[],"url":"https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019219","reference_id":"1019219","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019219"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25887","reference_id":"CVE-2022-25887","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25887"},{"reference_url":"https://github.com/advisories/GHSA-cgfm-xwp7-2cvr","reference_id":"GHSA-cgfm-xwp7-2cvr","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cgfm-xwp7-2cvr"},{"reference_url":"https://usn.ubuntu.com/7464-1/","reference_id":"USN-7464-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7464-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/96717?format=json","purl":"pkg:deb/debian/node-sanitize-html@2.7.1%2B~2.6.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-sanitize-html@2.7.1%252B~2.6.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96713?format=json","purl":"pkg:deb/debian/node-sanitize-html@2.8.0%2B~2.6.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-92y7-jps8-3ydr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-sanitize-html@2.8.0%252B~2.6.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96716?format=json","purl":"pkg:deb/debian/node-sanitize-html@2.14.0%2B~2.13.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-sanitize-html@2.14.0%252B~2.13.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96715?format=json","purl":"pkg:deb/debian/node-sanitize-html@2.17.0%2B~2.16.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-sanitize-html@2.17.0%252B~2.16.1-1%3Fdistro=trixie"}],"aliases":["CVE-2022-25887","GHSA-cgfm-xwp7-2cvr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jry7-364q-3bgh"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-sanitize-html@2.7.1%252B~2.6.2-1%3Fdistro=trixie"}