Vulnerability Instance

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/340611?format=api",
    "vulnerability_id": "VCID-jeay-1dqr-pygf",
    "summary": "eZ Platform users with the Company admin role can assign any role to any user",
    "aliases": [
        {
            "alias": "GHSA-pcpm-vc4v-cmvx"
        }
    ],
    "fixed_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/79938?format=api",
            "purl": "pkg:composer/ezsystems/ezplatform-admin-ui@1.5.29",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezplatform-admin-ui@1.5.29"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/79929?format=api",
            "purl": "pkg:composer/ezsystems/ezplatform-admin-ui@2.3.26",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3pp4-cq4u-1kdm"
                },
                {
                    "vulnerability": "VCID-ugfp-qx5y-sfdn"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezplatform-admin-ui@2.3.26"
        }
    ],
    "affected_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/58671?format=api",
            "purl": "pkg:composer/ezsystems/ezplatform-admin-ui@1.5.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-jeay-1dqr-pygf"
                },
                {
                    "vulnerability": "VCID-k5pd-88n3-jfgx"
                },
                {
                    "vulnerability": "VCID-wyhx-mqdv-1kg6"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezplatform-admin-ui@1.5.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/69791?format=api",
            "purl": "pkg:composer/ezsystems/ezplatform-admin-ui@2.3.0",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-3pp4-cq4u-1kdm"
                },
                {
                    "vulnerability": "VCID-jeay-1dqr-pygf"
                },
                {
                    "vulnerability": "VCID-ugfp-qx5y-sfdn"
                },
                {
                    "vulnerability": "VCID-xxs5-b7eu-u3es"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezplatform-admin-ui@2.3.0"
        }
    ],
    "references": [
        {
            "reference_url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2022-009-critical-vulnerabilities-in-graphql-role-assignment-ct-editing-and-drafts-tooltips",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "CRITICAL",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://developers.ibexa.co/security-advisories/ibexa-sa-2022-009-critical-vulnerabilities-in-graphql-role-assignment-ct-editing-and-drafts-tooltips"
        },
        {
            "reference_url": "https://github.com/ezsystems/ezplatform-admin-ui",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "CRITICAL",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://github.com/ezsystems/ezplatform-admin-ui"
        },
        {
            "reference_url": "https://github.com/ezsystems/ezplatform-admin-ui/commit/29e156a7bbecca5abd946c99546a261679587d29",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "CRITICAL",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://github.com/ezsystems/ezplatform-admin-ui/commit/29e156a7bbecca5abd946c99546a261679587d29"
        },
        {
            "reference_url": "https://github.com/advisories/GHSA-pcpm-vc4v-cmvx",
            "reference_id": "GHSA-pcpm-vc4v-cmvx",
            "reference_type": "",
            "scores": [
                {
                    "value": "CRITICAL",
                    "scoring_system": "cvssv3.1_qr",
                    "scoring_elements": ""
                }
            ],
            "url": "https://github.com/advisories/GHSA-pcpm-vc4v-cmvx"
        },
        {
            "reference_url": "https://github.com/ezsystems/ezplatform-admin-ui/security/advisories/GHSA-pcpm-vc4v-cmvx",
            "reference_id": "GHSA-pcpm-vc4v-cmvx",
            "reference_type": "",
            "scores": [
                {
                    "value": "CRITICAL",
                    "scoring_system": "cvssv3.1_qr",
                    "scoring_elements": ""
                },
                {
                    "value": "CRITICAL",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://github.com/ezsystems/ezplatform-admin-ui/security/advisories/GHSA-pcpm-vc4v-cmvx"
        }
    ],
    "weaknesses": [],
    "exploits": [],
    "severity_range_score": "9.0 - 10.0",
    "exploitability": "0.5",
    "weighted_severity": "9.0",
    "risk_score": 4.5,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jeay-1dqr-pygf"
}