Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/321191?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/321191?format=api", "vulnerability_id": "VCID-hytp-ymst-wydu", "summary": "", "aliases": [ { "alias": "CVE-2020-11671" }, { "alias": "GHSA-gmr7-m73x-6c9q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392296?format=api", "purl": "pkg:composer/nilsteampassnet/teampass@3.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1dkf-xbbk-d7ej" }, { "vulnerability": "VCID-3ep8-e51b-wygf" }, { "vulnerability": "VCID-7uys-bmga-vyf6" }, { "vulnerability": "VCID-8ccd-ebn8-w7ca" }, { "vulnerability": "VCID-9b52-k67m-7fb9" }, { "vulnerability": "VCID-a7h6-fstf-kqee" }, { "vulnerability": "VCID-f4pc-cnmz-xuds" }, { "vulnerability": "VCID-fq8k-9rzx-d3h9" }, { "vulnerability": "VCID-gapw-p82p-5ffg" }, { "vulnerability": "VCID-gccz-1apc-nbc7" }, { "vulnerability": "VCID-hsc2-ujdn-akd9" }, { "vulnerability": "VCID-j45n-ee9b-jkfu" }, { "vulnerability": "VCID-jfjy-mp8x-7bay" }, { "vulnerability": "VCID-nerp-rft5-e7hu" }, { "vulnerability": "VCID-p8s7-qwsb-sucm" }, { "vulnerability": "VCID-s72e-wwmn-5udy" }, { "vulnerability": "VCID-sbzn-52hj-2fem" }, { "vulnerability": "VCID-ttgj-91qs-1kb1" }, { "vulnerability": "VCID-vbq8-3npj-fudc" }, { "vulnerability": "VCID-vsm8-3aay-zugs" }, { "vulnerability": "VCID-w3sd-njh7-dka9" }, { "vulnerability": "VCID-yjg1-e2zq-qbh9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.0.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/414980?format=api", "purl": "pkg:composer/nilsteampassnet/teampass@2.1.21", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1dkf-xbbk-d7ej" }, { "vulnerability": "VCID-3ep8-e51b-wygf" }, { "vulnerability": "VCID-7uys-bmga-vyf6" }, { "vulnerability": "VCID-8ccd-ebn8-w7ca" }, { "vulnerability": "VCID-9b52-k67m-7fb9" }, { "vulnerability": "VCID-a7h6-fstf-kqee" }, { "vulnerability": "VCID-atka-cwfk-1qft" }, { "vulnerability": "VCID-f256-8ace-tkfz" }, { "vulnerability": "VCID-f4pc-cnmz-xuds" }, { "vulnerability": "VCID-fq8k-9rzx-d3h9" }, { "vulnerability": "VCID-gapw-p82p-5ffg" }, { "vulnerability": "VCID-gccz-1apc-nbc7" }, { "vulnerability": "VCID-ge6p-wb66-23h1" }, { "vulnerability": "VCID-h7b6-7zyw-2ubd" }, { "vulnerability": "VCID-hsc2-ujdn-akd9" }, { "vulnerability": "VCID-hytp-ymst-wydu" }, { "vulnerability": "VCID-j45n-ee9b-jkfu" }, { "vulnerability": "VCID-jfjy-mp8x-7bay" }, { "vulnerability": "VCID-kasr-phan-wfe1" }, { "vulnerability": "VCID-nerp-rft5-e7hu" }, { "vulnerability": "VCID-nrku-7gg1-x7dc" }, { "vulnerability": "VCID-p8s7-qwsb-sucm" }, { "vulnerability": "VCID-rkke-dz1k-qke7" }, { "vulnerability": "VCID-s72e-wwmn-5udy" }, { "vulnerability": "VCID-sbzn-52hj-2fem" }, { "vulnerability": "VCID-sddd-pv7u-pkeh" }, { "vulnerability": "VCID-ttgj-91qs-1kb1" }, { "vulnerability": "VCID-vbq8-3npj-fudc" }, { "vulnerability": "VCID-veg8-behu-43g4" }, { "vulnerability": "VCID-vsm8-3aay-zugs" }, { "vulnerability": "VCID-w3sd-njh7-dka9" }, { "vulnerability": "VCID-w9n1-5spr-3yd5" }, { "vulnerability": "VCID-yjg1-e2zq-qbh9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@2.1.21" }, { "url": "http://public2.vulnerablecode.io/api/packages/19902?format=api", "purl": "pkg:composer/nilsteampassnet/teampass@2.1.26", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1dkf-xbbk-d7ej" }, { "vulnerability": "VCID-3ep8-e51b-wygf" }, { "vulnerability": "VCID-7uys-bmga-vyf6" }, { "vulnerability": "VCID-8ccd-ebn8-w7ca" }, { "vulnerability": "VCID-9b52-k67m-7fb9" }, { "vulnerability": "VCID-a7h6-fstf-kqee" }, { "vulnerability": "VCID-apxy-13pc-33e1" }, { "vulnerability": "VCID-atka-cwfk-1qft" }, { "vulnerability": "VCID-f256-8ace-tkfz" }, { "vulnerability": "VCID-f4pc-cnmz-xuds" }, { "vulnerability": "VCID-fq8k-9rzx-d3h9" }, { "vulnerability": "VCID-gapw-p82p-5ffg" }, { "vulnerability": "VCID-gccz-1apc-nbc7" }, { "vulnerability": "VCID-ge6p-wb66-23h1" }, { "vulnerability": "VCID-h7b6-7zyw-2ubd" }, { "vulnerability": "VCID-hsc2-ujdn-akd9" }, { "vulnerability": "VCID-hytp-ymst-wydu" }, { "vulnerability": "VCID-j45n-ee9b-jkfu" }, { "vulnerability": "VCID-jfjy-mp8x-7bay" }, { "vulnerability": "VCID-kasr-phan-wfe1" }, { "vulnerability": "VCID-nerp-rft5-e7hu" }, { "vulnerability": "VCID-p8s7-qwsb-sucm" }, { "vulnerability": "VCID-rkke-dz1k-qke7" }, { "vulnerability": "VCID-s72e-wwmn-5udy" }, { "vulnerability": "VCID-sbzn-52hj-2fem" }, { "vulnerability": "VCID-sddd-pv7u-pkeh" }, { "vulnerability": "VCID-ttgj-91qs-1kb1" }, { "vulnerability": "VCID-vbq8-3npj-fudc" }, { "vulnerability": "VCID-veg8-behu-43g4" }, { "vulnerability": "VCID-vsm8-3aay-zugs" }, { "vulnerability": "VCID-w3sd-njh7-dka9" }, { "vulnerability": "VCID-yjg1-e2zq-qbh9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@2.1.26" }, { "url": "http://public2.vulnerablecode.io/api/packages/21717?format=api", "purl": "pkg:composer/nilsteampassnet/teampass@2.1.27", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1dkf-xbbk-d7ej" }, { "vulnerability": "VCID-3ep8-e51b-wygf" }, { "vulnerability": "VCID-7uys-bmga-vyf6" }, { "vulnerability": "VCID-8ccd-ebn8-w7ca" }, { "vulnerability": "VCID-9b52-k67m-7fb9" }, { "vulnerability": "VCID-a7h6-fstf-kqee" }, { "vulnerability": "VCID-atka-cwfk-1qft" }, { "vulnerability": "VCID-f256-8ace-tkfz" }, { "vulnerability": "VCID-f4pc-cnmz-xuds" }, { "vulnerability": "VCID-fq8k-9rzx-d3h9" }, { "vulnerability": "VCID-gapw-p82p-5ffg" }, { "vulnerability": "VCID-gccz-1apc-nbc7" }, { "vulnerability": "VCID-ge6p-wb66-23h1" }, { "vulnerability": "VCID-h7b6-7zyw-2ubd" }, { "vulnerability": "VCID-hsc2-ujdn-akd9" }, { "vulnerability": "VCID-hytp-ymst-wydu" }, { "vulnerability": "VCID-j45n-ee9b-jkfu" }, { "vulnerability": "VCID-jfjy-mp8x-7bay" }, { "vulnerability": "VCID-kasr-phan-wfe1" }, { "vulnerability": "VCID-nerp-rft5-e7hu" }, { "vulnerability": "VCID-p8s7-qwsb-sucm" }, { "vulnerability": "VCID-rkke-dz1k-qke7" }, { "vulnerability": "VCID-s72e-wwmn-5udy" }, { "vulnerability": "VCID-sbzn-52hj-2fem" }, { "vulnerability": "VCID-sddd-pv7u-pkeh" }, { "vulnerability": "VCID-ttgj-91qs-1kb1" }, { "vulnerability": "VCID-vbq8-3npj-fudc" }, { "vulnerability": "VCID-veg8-behu-43g4" }, { "vulnerability": "VCID-vsm8-3aay-zugs" }, { "vulnerability": "VCID-w3sd-njh7-dka9" }, { "vulnerability": "VCID-yjg1-e2zq-qbh9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@2.1.27" }, { "url": "http://public2.vulnerablecode.io/api/packages/23871?format=api", "purl": "pkg:composer/nilsteampassnet/teampass@2.1.27%2B36", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2xmc-fau3-7qf1" }, { "vulnerability": "VCID-4aga-e81s-bkhm" }, { "vulnerability": "VCID-6ua5-hzh9-mqfc" }, { "vulnerability": "VCID-ezyx-712w-x7hc" }, { "vulnerability": "VCID-hytp-ymst-wydu" }, { "vulnerability": "VCID-jud6-pyfp-n7gz" }, { "vulnerability": "VCID-s7mv-kdkf-vuay" }, { "vulnerability": "VCID-x6yt-ngt4-13e8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@2.1.27%252B36" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11671", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53778", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53903", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.5392", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53906", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11671" }, { "reference_url": "https://github.com/nilsteampassnet/TeamPass/issues/2765", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/nilsteampassnet/TeamPass/issues/2765" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11671", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11671" }, { "reference_url": "https://github.com/advisories/GHSA-gmr7-m73x-6c9q", "reference_id": "GHSA-gmr7-m73x-6c9q", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gmr7-m73x-6c9q" } ], "weaknesses": [ { "cwe_id": 862, "name": "Missing Authorization", "description": "The product does not perform an authorization check when an actor attempts to access a resource or perform an action." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 269, "name": "Improper Privilege Management", "description": "The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." } ], "exploits": [], "severity_range_score": "7.0 - 8.9", "exploitability": "0.5", "weighted_severity": "8.0", "risk_score": 4.0, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hytp-ymst-wydu" }