{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/362003?format=json","vulnerability_id":"VCID-np7j-auay-17at","summary":"Code Injection\nArbitrary shell execution in php_codesniffer.","aliases":[{"alias":"GMS-2017-344"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388952?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@2.0.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19855?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/412838?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.4.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.4.2"},{"url":"http://public2.vulnerablecode.io/api/packages/412839?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.4.3"},{"url":"http://public2.vulnerablecode.io/api/packages/412840?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.4.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.4.4"},{"url":"http://public2.vulnerablecode.io/api/packages/412841?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.4.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.4.5"},{"url":"http://public2.vulnerablecode.io/api/packages/412842?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.4.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.4.6"},{"url":"http://public2.vulnerablecode.io/api/packages/412843?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.4.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.4.7"},{"url":"http://public2.vulnerablecode.io/api/packages/412844?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.4.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.4.8"},{"url":"http://public2.vulnerablecode.io/api/packages/412845?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.5.0RC1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.5.0RC1"},{"url":"http://public2.vulnerablecode.io/api/packages/412846?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.5.0RC2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.5.0RC2"},{"url":"http://public2.vulnerablecode.io/api/packages/412847?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.5.0RC3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.5.0RC3"},{"url":"http://public2.vulnerablecode.io/api/packages/412848?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.5.0RC4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.5.0RC4"},{"url":"http://public2.vulnerablecode.io/api/packages/412849?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/412850?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/412851?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/412852?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.5.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/412853?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.5.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.5.4"},{"url":"http://public2.vulnerablecode.io/api/packages/412854?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.5.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.5.5"},{"url":"http://public2.vulnerablecode.io/api/packages/412855?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@1.5.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@1.5.6"},{"url":"http://public2.vulnerablecode.io/api/packages/412856?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@2.0.0RC1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@2.0.0RC1"},{"url":"http://public2.vulnerablecode.io/api/packages/412857?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@2.0.0RC2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@2.0.0RC2"},{"url":"http://public2.vulnerablecode.io/api/packages/412858?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@2.0.0RC3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@2.0.0RC3"},{"url":"http://public2.vulnerablecode.io/api/packages/412859?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@2.0.0RC4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@2.0.0RC4"},{"url":"http://public2.vulnerablecode.io/api/packages/412860?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@2.0.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@2.0.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/412861?format=json","purl":"pkg:composer/squizlabs/php_codesniffer@2.0.0a2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-cjfu-e1rn-1qdx"},{"vulnerability":"VCID-f7xv-brzk-57hm"},{"vulnerability":"VCID-np7j-auay-17at"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/squizlabs/php_codesniffer@2.0.0a2"}],"references":[{"reference_url":"https://github.com/squizlabs/PHP_CodeSniffer/releases/tag/2.8.1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/squizlabs/PHP_CodeSniffer/releases/tag/2.8.1"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-np7j-auay-17at"}