{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37316?format=json","vulnerability_id":"VCID-qmy2-2q3f-7kar","summary":"Affected versions of the package are vulnerable to Elliptic Curve Key Disclosure.","aliases":[{"alias":"GHSA-h6wq-jw7q-grxv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/74617?format=json","purl":"pkg:maven/org.bitbucket.b_c/jose4j@0.5.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8mj8-rxf8-qyau"},{"vulnerability":"VCID-h1az-byzj-z3gq"},{"vulnerability":"VCID-nuak-t68p-tuhr"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.bitbucket.b_c/jose4j@0.5.5"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/370590?format=json","purl":"pkg:maven/org.bitbucket.b_c/jose4j@0.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8mj8-rxf8-qyau"},{"vulnerability":"VCID-h1az-byzj-z3gq"},{"vulnerability":"VCID-nuak-t68p-tuhr"},{"vulnerability":"VCID-qmy2-2q3f-7kar"},{"vulnerability":"VCID-wfmh-pkck-yfb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.bitbucket.b_c/jose4j@0.3.6"}],"references":[{"reference_url":"https://bitbucket.org/b_c/jose4j/commits/0517896170af8d5c057407c70a7b08dae454829e","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bitbucket.org/b_c/jose4j/commits/0517896170af8d5c057407c70a7b08dae454829e"},{"reference_url":"https://www.whitesourcesoftware.com/vulnerability-database/WS-2017-0208","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.whitesourcesoftware.com/vulnerability-database/WS-2017-0208"},{"reference_url":"https://github.com/advisories/GHSA-h6wq-jw7q-grxv","reference_id":"GHSA-h6wq-jw7q-grxv","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h6wq-jw7q-grxv"}],"weaknesses":[],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qmy2-2q3f-7kar"}