{"url":"http://public2.vulnerablecode.io/api/packages/96738?format=json","purl":"pkg:deb/debian/node-serve-index@1.9.1-6?distro=trixie","type":"deb","namespace":"debian","name":"node-serve-index","version":"1.9.1-6","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.9.1-1","latest_non_vulnerable_version":"1.9.1+~1.9.4-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199912?format=json","vulnerability_id":"VCID-dswz-dwmy-uugs","summary":"Cross-Site Scripting in serve-index","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8856","reference_id":"","reference_type":"","scores":[{"value":"0.00413","scoring_system":"epss","scoring_elements":"0.61954","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8856"},{"reference_url":"https://github.com/expressjs/serve-index/commit/7381a1d1458959e57ee53ac932b06ff17904777e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/expressjs/serve-index/commit/7381a1d1458959e57ee53ac932b06ff17904777e"},{"reference_url":"https://github.com/expressjs/serve-index/issues/28","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/expressjs/serve-index/issues/28"},{"reference_url":"https://web.archive.org/web/20200227190911/http://www.securityfocus.com/bid/96392","reference_id":"","reference_type":"","scores":[],"url":"https://web.archive.org/web/20200227190911/http://www.securityfocus.com/bid/96392"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8856","reference_id":"CVE-2015-8856","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8856"},{"reference_url":"https://github.com/advisories/GHSA-v633-x5vv-hqwc","reference_id":"GHSA-v633-x5vv-hqwc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v633-x5vv-hqwc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/96739?format=json","purl":"pkg:deb/debian/node-serve-index@1.9.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-serve-index@1.9.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96740?format=json","purl":"pkg:deb/debian/node-serve-index@1.9.1-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-serve-index@1.9.1-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96738?format=json","purl":"pkg:deb/debian/node-serve-index@1.9.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-serve-index@1.9.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96741?format=json","purl":"pkg:deb/debian/node-serve-index@1.9.1%2B~1.9.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-serve-index@1.9.1%252B~1.9.4-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8856","GHSA-v633-x5vv-hqwc"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dswz-dwmy-uugs"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-serve-index@1.9.1-6%3Fdistro=trixie"}