{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112749?format=json","vulnerability_id":"VCID-1g7v-4wds-uubh","summary":"nodejs-negotiator: Regular expression denial-of-service","aliases":[{"alias":"CVE-2016-1000022"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/149934?format=json","purl":"pkg:rpm/redhat/nodejs-accepts@1.3.3-1?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1g7v-4wds-uubh"},{"vulnerability":"VCID-5fdk-795g-z3fr"},{"vulnerability":"VCID-e21t-d8nr-d3hy"},{"vulnerability":"VCID-fcxm-d1r9-47bp"},{"vulnerability":"VCID-rnzg-hqnn-4ya5"},{"vulnerability":"VCID-u61p-cb1x-jqgk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nodejs-accepts@1.3.3-1%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/149863?format=json","purl":"pkg:rpm/redhat/nodejs-express@4.13.3-4?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1g7v-4wds-uubh"},{"vulnerability":"VCID-5fdk-795g-z3fr"},{"vulnerability":"VCID-e21t-d8nr-d3hy"},{"vulnerability":"VCID-fcxm-d1r9-47bp"},{"vulnerability":"VCID-rnzg-hqnn-4ya5"},{"vulnerability":"VCID-u61p-cb1x-jqgk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nodejs-express@4.13.3-4%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/149883?format=json","purl":"pkg:rpm/redhat/nodejs-mime-db@1.23.0-1?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1g7v-4wds-uubh"},{"vulnerability":"VCID-5fdk-795g-z3fr"},{"vulnerability":"VCID-e21t-d8nr-d3hy"},{"vulnerability":"VCID-fcxm-d1r9-47bp"},{"vulnerability":"VCID-rnzg-hqnn-4ya5"},{"vulnerability":"VCID-u61p-cb1x-jqgk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nodejs-mime-db@1.23.0-1%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/149806?format=json","purl":"pkg:rpm/redhat/nodejs-mime-types@2.1.11-1?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1g7v-4wds-uubh"},{"vulnerability":"VCID-5fdk-795g-z3fr"},{"vulnerability":"VCID-e21t-d8nr-d3hy"},{"vulnerability":"VCID-fcxm-d1r9-47bp"},{"vulnerability":"VCID-rnzg-hqnn-4ya5"},{"vulnerability":"VCID-u61p-cb1x-jqgk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nodejs-mime-types@2.1.11-1%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/149636?format=json","purl":"pkg:rpm/redhat/nodejs-minimatch@3.0.2-1?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1g7v-4wds-uubh"},{"vulnerability":"VCID-5fdk-795g-z3fr"},{"vulnerability":"VCID-e21t-d8nr-d3hy"},{"vulnerability":"VCID-fcxm-d1r9-47bp"},{"vulnerability":"VCID-rnzg-hqnn-4ya5"},{"vulnerability":"VCID-u61p-cb1x-jqgk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nodejs-minimatch@3.0.2-1%3Farch=el7"},{"url":"http://public2.vulnerablecode.io/api/packages/149945?format=json","purl":"pkg:rpm/redhat/nodejs-negotiator@0.6.1-1?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1g7v-4wds-uubh"},{"vulnerability":"VCID-5fdk-795g-z3fr"},{"vulnerability":"VCID-e21t-d8nr-d3hy"},{"vulnerability":"VCID-fcxm-d1r9-47bp"},{"vulnerability":"VCID-rnzg-hqnn-4ya5"},{"vulnerability":"VCID-u61p-cb1x-jqgk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nodejs-negotiator@0.6.1-1%3Farch=el7"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000022.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000022.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1347677","reference_id":"1347677","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1347677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1605","reference_id":"RHSA-2016:1605","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1605"}],"weaknesses":[{"cwe_id":20,"name":"Improper Input Validation","description":"The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly."}],"exploits":[],"severity_range_score":"4.3 - 4.3","exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1g7v-4wds-uubh"}