Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/41444?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41444?format=api", "vulnerability_id": "VCID-1k4q-2ttb-13hd", "summary": "Information Exposure\nMagento is vulnerable to an Information Disclosure vulnerability when uploading a modified png file to a product image. Successful exploitation could lead to the disclosure of document root path by an unauthenticated attacker. Access to the admin console is required for successful exploitation.", "aliases": [ { "alias": "CVE-2021-28566" }, { "alias": "GHSA-w942-fw92-mqm2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/66776?format=api", "purl": "pkg:composer/magento/community-edition@2.3.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2g87-y8ek-xfdr" }, { "vulnerability": "VCID-2ttz-k7d2-jucf" }, { "vulnerability": "VCID-36ve-7wxt-z7fz" }, { "vulnerability": "VCID-4cbe-djqs-tug1" }, { "vulnerability": "VCID-4w1v-es9j-subp" }, { "vulnerability": "VCID-6mjf-p1d9-8qa1" }, { "vulnerability": "VCID-8u5e-d6nx-3khc" }, { "vulnerability": "VCID-b5hn-f1qk-z7cu" }, { "vulnerability": "VCID-c1ta-jffg-cfg9" }, { "vulnerability": "VCID-cfjt-51xj-qqdw" }, { "vulnerability": "VCID-er49-k3tc-ufcu" }, { "vulnerability": "VCID-fyh6-gupt-eqgm" }, { "vulnerability": "VCID-fz6y-fece-skgr" }, { "vulnerability": "VCID-gxnx-f2qh-3yf9" }, { "vulnerability": "VCID-hspp-kw5e-akbr" }, { "vulnerability": "VCID-kgws-xvjr-g7bv" }, { "vulnerability": "VCID-kv6x-nz1s-uuar" }, { "vulnerability": "VCID-n5mn-3a8f-nbdb" }, { "vulnerability": "VCID-nn21-hf8r-ykfd" }, { "vulnerability": "VCID-p1py-xewy-7khn" }, { "vulnerability": "VCID-p9qx-66yy-1kc1" }, { "vulnerability": "VCID-pm85-dfg2-euep" }, { "vulnerability": "VCID-rgnq-s54v-vkdm" }, { "vulnerability": "VCID-w42y-yc7r-kqhp" }, { "vulnerability": "VCID-wh14-k3ex-pubq" }, { "vulnerability": "VCID-y93w-2qcc-wqg8" }, { "vulnerability": "VCID-ze8y-4wfs-hbf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/58956?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2-p1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2g87-y8ek-xfdr" }, { "vulnerability": "VCID-2ttz-k7d2-jucf" }, { "vulnerability": "VCID-36ve-7wxt-z7fz" }, { "vulnerability": "VCID-4cbe-djqs-tug1" }, { "vulnerability": "VCID-4w1v-es9j-subp" }, { "vulnerability": "VCID-69wt-c418-mubr" }, { "vulnerability": "VCID-6mjf-p1d9-8qa1" }, { "vulnerability": "VCID-8u5e-d6nx-3khc" }, { "vulnerability": "VCID-b5hn-f1qk-z7cu" }, { "vulnerability": "VCID-c1ta-jffg-cfg9" }, { "vulnerability": "VCID-cfjt-51xj-qqdw" }, { "vulnerability": "VCID-er49-k3tc-ufcu" }, { "vulnerability": "VCID-fz6y-fece-skgr" }, { "vulnerability": "VCID-gxnx-f2qh-3yf9" }, { "vulnerability": "VCID-hspp-kw5e-akbr" }, { "vulnerability": "VCID-kgws-xvjr-g7bv" }, { "vulnerability": "VCID-kv6x-nz1s-uuar" }, { "vulnerability": "VCID-n5mn-3a8f-nbdb" }, { "vulnerability": "VCID-nn21-hf8r-ykfd" }, { "vulnerability": "VCID-p1py-xewy-7khn" }, { "vulnerability": "VCID-p9qx-66yy-1kc1" }, { "vulnerability": "VCID-pm85-dfg2-euep" }, { "vulnerability": "VCID-rgnq-s54v-vkdm" }, { "vulnerability": "VCID-w42y-yc7r-kqhp" }, { "vulnerability": "VCID-wh14-k3ex-pubq" }, { "vulnerability": "VCID-ze8y-4wfs-hbf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2-p1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/57760?format=api", "purl": "pkg:composer/magento/community-edition@2.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1dxu-63w5-ekgu" }, { "vulnerability": "VCID-1eda-g39a-pbbc" }, { "vulnerability": "VCID-1j1n-6t6c-5fh9" }, { "vulnerability": "VCID-1k4q-2ttb-13hd" }, { "vulnerability": "VCID-1rqu-rabn-s3hx" }, { "vulnerability": "VCID-1vw9-9rmg-ekdz" }, { "vulnerability": "VCID-3he2-uctk-kucj" }, { "vulnerability": "VCID-3qx6-ag5g-8kh3" }, { "vulnerability": "VCID-451v-uuw6-t3cb" }, { "vulnerability": "VCID-4dpd-v3e4-6yaz" }, { "vulnerability": "VCID-4dpj-5zh4-4fgv" }, { "vulnerability": "VCID-4rgk-9g8x-9ba9" }, { "vulnerability": "VCID-4yh7-33rp-57g6" }, { "vulnerability": "VCID-5jn6-gjtc-hkcv" }, { "vulnerability": "VCID-5ppd-jm8d-97eh" }, { "vulnerability": "VCID-5t4k-dsf1-6yew" }, { "vulnerability": "VCID-647f-etpr-7yh2" }, { "vulnerability": "VCID-6x2s-f7fh-4yac" }, { "vulnerability": "VCID-71y6-hqhb-hqbz" }, { "vulnerability": "VCID-7e2t-x8vb-b7gu" }, { "vulnerability": "VCID-7h8f-y39q-9bgm" }, { "vulnerability": "VCID-7ww7-eexc-xfg5" }, { "vulnerability": "VCID-87ka-etbj-pfen" }, { "vulnerability": "VCID-8df7-bj7e-kqct" }, { "vulnerability": "VCID-8dk7-9x9f-nyce" }, { "vulnerability": "VCID-8dq1-mm7t-juge" }, { "vulnerability": "VCID-91q6-y9ng-k7hm" }, { "vulnerability": "VCID-98d9-mz52-r3df" }, { "vulnerability": "VCID-99yr-h8p6-pqek" }, { "vulnerability": "VCID-9aex-gkrp-jfds" }, { "vulnerability": "VCID-9gtb-vdpa-kudt" }, { "vulnerability": "VCID-9hzp-v5v4-g7d2" }, { "vulnerability": "VCID-9ukj-86yg-jqf8" }, { "vulnerability": "VCID-a5rz-y1hu-ubc6" }, { "vulnerability": "VCID-a83s-fwca-y7dk" }, { "vulnerability": "VCID-acgj-j9vr-13gu" }, { "vulnerability": "VCID-aqaj-qs9w-jkdd" }, { "vulnerability": "VCID-auav-unvj-jye2" }, { "vulnerability": "VCID-b2jc-f6dt-h7bh" }, { "vulnerability": "VCID-bc4n-g7zu-k3a3" }, { "vulnerability": "VCID-bsqw-1ywb-cydm" }, { "vulnerability": "VCID-bwfu-ab1x-eua9" }, { "vulnerability": "VCID-bxjk-uma4-auc9" }, { "vulnerability": "VCID-c1zp-x19b-2ycy" }, { "vulnerability": "VCID-c4ms-3und-c7d1" }, { "vulnerability": "VCID-c6xs-xkhj-vbg6" }, { "vulnerability": "VCID-cb4v-2t8g-abbg" }, { "vulnerability": "VCID-cmbh-d4y2-3fb4" }, { "vulnerability": "VCID-cp21-cydp-suf8" }, { "vulnerability": "VCID-cw2n-d2g1-hbft" }, { "vulnerability": "VCID-d2uj-57bk-tfft" }, { "vulnerability": "VCID-d683-e29k-4bec" }, { "vulnerability": "VCID-dax5-k254-ffbc" }, { "vulnerability": "VCID-dh2p-qqbr-hkh4" }, { "vulnerability": "VCID-dqkx-knjf-47hh" }, { "vulnerability": "VCID-dvjb-gn4a-afhq" }, { "vulnerability": "VCID-dw3y-c8xc-vbg5" }, { "vulnerability": "VCID-e13p-7zwb-m3ft" }, { "vulnerability": "VCID-e7k8-hmqe-wufh" }, { "vulnerability": "VCID-ekzx-3a5n-cqed" }, { "vulnerability": "VCID-emhr-qdz8-gqfs" }, { "vulnerability": "VCID-ey9c-aqu3-qqcj" }, { "vulnerability": "VCID-eyfh-jns6-vke5" }, { "vulnerability": "VCID-f5ef-53gt-nbcu" }, { "vulnerability": "VCID-fgqe-h7ey-33bd" }, { "vulnerability": "VCID-fn46-hk9u-dfhh" }, { "vulnerability": "VCID-fy6c-nycw-b3a9" }, { "vulnerability": "VCID-g8k7-agvs-ubbz" }, { "vulnerability": "VCID-g9uk-4dfd-muh4" }, { "vulnerability": "VCID-gdn6-jk9k-s3aj" }, { "vulnerability": "VCID-gjt4-tnet-6fck" }, { "vulnerability": "VCID-gm81-x6qm-xbat" }, { "vulnerability": "VCID-gred-dby6-bfhn" }, { "vulnerability": "VCID-grhh-gm6j-p7ht" }, { "vulnerability": "VCID-h4nn-2mrj-g3ds" }, { "vulnerability": "VCID-h5v9-wwkg-kfcj" }, { "vulnerability": "VCID-h64s-51sc-huga" }, { "vulnerability": "VCID-hm1k-1xfy-6fh8" }, { "vulnerability": "VCID-hn49-n9xr-k7c7" }, { "vulnerability": "VCID-hq7k-qz7g-4bc2" }, { "vulnerability": "VCID-hr26-efy6-77dy" }, { "vulnerability": "VCID-hufp-fajk-n7gu" }, { "vulnerability": "VCID-jjbr-mu9r-1bdh" }, { "vulnerability": "VCID-jw7d-ms7b-wbfv" }, { "vulnerability": "VCID-jyup-mxz2-97b4" }, { "vulnerability": "VCID-k7ej-dq8t-33df" }, { "vulnerability": "VCID-k8jy-nckd-vkde" }, { "vulnerability": "VCID-kfap-f6db-n3am" }, { "vulnerability": "VCID-kjp9-9vag-vqhs" }, { "vulnerability": "VCID-kyvw-d4e8-1fd4" }, { "vulnerability": "VCID-m1yj-gxwk-4kfs" }, { "vulnerability": "VCID-m82s-7bj5-pff2" }, { "vulnerability": "VCID-md2p-6h7w-m7fy" }, { "vulnerability": "VCID-mjqm-5xy8-9ya9" }, { "vulnerability": "VCID-mp31-hycm-xbgz" }, { "vulnerability": "VCID-mrx5-dbah-guf8" }, { "vulnerability": "VCID-mszv-cfc2-fkhj" }, { "vulnerability": "VCID-myht-j19s-abbb" }, { "vulnerability": "VCID-mzsj-dck5-pqc5" }, { "vulnerability": "VCID-n3kv-6gdp-qugd" }, { "vulnerability": "VCID-n5zn-qvwh-ubd3" }, { "vulnerability": "VCID-n6jb-4vkn-f7d2" }, { "vulnerability": "VCID-n6n4-ycz2-9fgq" }, { "vulnerability": "VCID-ne2q-15ey-pbca" }, { "vulnerability": "VCID-nf6t-99ep-w3dy" }, { "vulnerability": "VCID-nhc5-t9tn-bucd" }, { "vulnerability": "VCID-p5qc-n3pr-k3cb" }, { "vulnerability": "VCID-pd4m-tn9x-8kee" }, { "vulnerability": "VCID-pft7-2w44-2qh1" }, { "vulnerability": "VCID-ph2b-sfdj-tygn" }, { "vulnerability": "VCID-ppfq-253d-gyhw" }, { "vulnerability": "VCID-pt9w-m9fq-wbah" }, { "vulnerability": "VCID-pv8p-4ac3-kygw" }, { "vulnerability": "VCID-px1s-dzpe-qbfx" }, { "vulnerability": "VCID-pxxm-ce8x-abdq" }, { "vulnerability": "VCID-q222-hs3g-jycr" }, { "vulnerability": "VCID-q7b5-atru-dbbm" }, { "vulnerability": "VCID-qcbx-aq4x-9far" }, { "vulnerability": "VCID-qr9t-ckvn-8uby" }, { "vulnerability": "VCID-qs9v-afgj-7bb3" }, { "vulnerability": "VCID-qwnb-6eb9-4ucf" }, { "vulnerability": "VCID-qx68-8xvf-a7hy" }, { "vulnerability": "VCID-qxrc-8wng-afda" }, { "vulnerability": "VCID-r9vd-3wxe-t3et" }, { "vulnerability": "VCID-rvkp-5uvf-73h8" }, { "vulnerability": "VCID-rwg6-wg1f-bka2" }, { "vulnerability": "VCID-s4dx-4hat-jfca" }, { "vulnerability": "VCID-spjd-9z79-jueh" }, { "vulnerability": "VCID-tcry-6ya3-73b3" }, { "vulnerability": "VCID-tdg3-1dcq-ekgr" }, { "vulnerability": "VCID-tme1-k9t9-2qbb" }, { "vulnerability": "VCID-tuw6-hdbp-yqb2" }, { "vulnerability": "VCID-tw3n-nq5e-ukg1" }, { "vulnerability": "VCID-u1uw-9c7f-jfgn" }, { "vulnerability": "VCID-u3xf-g31z-h3bn" }, { "vulnerability": "VCID-ugug-4yz4-7kgc" }, { "vulnerability": "VCID-upfh-zv37-ruhb" }, { "vulnerability": "VCID-uw26-78xp-hben" }, { "vulnerability": "VCID-uwnu-vhsb-g3bj" }, { "vulnerability": "VCID-v9mz-up25-cych" }, { "vulnerability": "VCID-vcdk-gdky-7fdg" }, { "vulnerability": "VCID-vf6u-35k7-vucs" }, { "vulnerability": "VCID-vp8y-y64r-wkc9" }, { "vulnerability": "VCID-vqqj-z31y-qfcr" }, { "vulnerability": "VCID-wcnq-dgb5-1yh2" }, { "vulnerability": "VCID-wcz3-j28f-gfek" }, { "vulnerability": "VCID-wfma-kt7g-dkbu" }, { "vulnerability": "VCID-whxq-jq76-mbcp" }, { "vulnerability": "VCID-wkhs-89a4-x3dq" }, { "vulnerability": "VCID-wsz3-ucbw-tkbw" }, { "vulnerability": "VCID-wyv2-15dp-8udp" }, { "vulnerability": "VCID-wzcg-wnnq-uudu" }, { "vulnerability": "VCID-x1xg-sy2w-h7hy" }, { "vulnerability": "VCID-xdsv-nbjf-1qbu" }, { "vulnerability": "VCID-xrgt-rdg1-3kc2" }, { "vulnerability": "VCID-xzxz-hs8y-93bf" }, { "vulnerability": "VCID-y2ze-pnbz-g7eg" }, { "vulnerability": "VCID-ya5v-gewx-gudt" }, { "vulnerability": "VCID-yt2x-914b-27dz" }, { "vulnerability": "VCID-yzq8-6bnc-byf9" }, { "vulnerability": "VCID-z58v-fmp4-n3dh" }, { "vulnerability": "VCID-z7t9-t3q2-pycf" }, { "vulnerability": "VCID-z91k-1zwf-pbc3" }, { "vulnerability": "VCID-zabm-9s5c-1bac" }, { "vulnerability": "VCID-zgyj-4zuz-wkev" }, { "vulnerability": "VCID-zubf-dqv7-xkf3" }, { "vulnerability": "VCID-zx6g-p961-e3bt" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/60732?format=api", "purl": "pkg:composer/magento/community-edition@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b6m-qfes-mqab" }, { "vulnerability": "VCID-1k4q-2ttb-13hd" }, { "vulnerability": "VCID-6wdt-8fbe-hkbe" }, { "vulnerability": "VCID-8ape-agd1-s7hf" }, { "vulnerability": "VCID-apue-gaqy-n3cq" }, { "vulnerability": "VCID-c4ms-3und-c7d1" }, { "vulnerability": "VCID-c4mx-9727-nfgs" }, { "vulnerability": "VCID-cae3-fgn1-83hu" }, { "vulnerability": "VCID-dpm5-tmsy-2bez" }, { "vulnerability": "VCID-dqkx-knjf-47hh" }, { "vulnerability": "VCID-e7k8-hmqe-wufh" }, { "vulnerability": "VCID-ed87-d3y2-wfck" }, { "vulnerability": "VCID-fgqe-h7ey-33bd" }, { "vulnerability": "VCID-gyj5-abau-uyf6" }, { "vulnerability": "VCID-h4nn-2mrj-g3ds" }, { "vulnerability": "VCID-h64s-51sc-huga" }, { "vulnerability": "VCID-hq7k-qz7g-4bc2" }, { "vulnerability": "VCID-hufp-fajk-n7gu" }, { "vulnerability": "VCID-j77a-cqsd-wuf1" }, { "vulnerability": "VCID-jmhs-9u49-ekbj" }, { "vulnerability": "VCID-kyvw-d4e8-1fd4" }, { "vulnerability": "VCID-mtes-xpe5-qkdj" }, { "vulnerability": "VCID-mzsj-dck5-pqc5" }, { "vulnerability": "VCID-nm39-k1su-yyep" }, { "vulnerability": "VCID-px1s-dzpe-qbfx" }, { "vulnerability": "VCID-pxxm-ce8x-abdq" }, { "vulnerability": "VCID-q4yr-fqww-tbb1" }, { "vulnerability": "VCID-qq42-4zzt-3kh2" }, { "vulnerability": "VCID-qx68-8xvf-a7hy" }, { "vulnerability": "VCID-sd6n-a9mk-aufb" }, { "vulnerability": "VCID-spjd-9z79-jueh" }, { "vulnerability": "VCID-u2hc-27c2-1udc" }, { "vulnerability": "VCID-vcdk-gdky-7fdg" }, { "vulnerability": "VCID-ve4u-d5rz-wyab" }, { "vulnerability": "VCID-vp8y-y64r-wkc9" }, { "vulnerability": "VCID-w4uu-k7nk-a7hr" }, { "vulnerability": "VCID-wbt5-q9qd-8kby" }, { "vulnerability": "VCID-xbhh-m11c-gkeu" }, { "vulnerability": "VCID-yvcy-4e8m-p3b8" }, { "vulnerability": "VCID-zkkk-5q62-ubca" }, { "vulnerability": "VCID-zubf-dqv7-xkf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/58955?format=api", "purl": "pkg:composer/magento/community-edition@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1k4q-2ttb-13hd" }, { "vulnerability": "VCID-2g87-y8ek-xfdr" }, { "vulnerability": "VCID-2ttz-k7d2-jucf" }, { "vulnerability": "VCID-36ve-7wxt-z7fz" }, { "vulnerability": "VCID-4cbe-djqs-tug1" }, { "vulnerability": "VCID-4w1v-es9j-subp" }, { "vulnerability": "VCID-69wt-c418-mubr" }, { "vulnerability": "VCID-6mjf-p1d9-8qa1" }, { "vulnerability": "VCID-8u5e-d6nx-3khc" }, { "vulnerability": "VCID-b5hn-f1qk-z7cu" }, { "vulnerability": "VCID-c1ta-jffg-cfg9" }, { "vulnerability": "VCID-cfjt-51xj-qqdw" }, { "vulnerability": "VCID-er49-k3tc-ufcu" }, { "vulnerability": "VCID-fz6y-fece-skgr" }, { "vulnerability": "VCID-gxnx-f2qh-3yf9" }, { "vulnerability": "VCID-hspp-kw5e-akbr" }, { "vulnerability": "VCID-kgws-xvjr-g7bv" }, { "vulnerability": "VCID-kv6x-nz1s-uuar" }, { "vulnerability": "VCID-n5mn-3a8f-nbdb" }, { "vulnerability": "VCID-nn21-hf8r-ykfd" }, { "vulnerability": "VCID-p1py-xewy-7khn" }, { "vulnerability": "VCID-p9qx-66yy-1kc1" }, { "vulnerability": "VCID-pm85-dfg2-euep" }, { "vulnerability": "VCID-rgnq-s54v-vkdm" }, { "vulnerability": "VCID-w42y-yc7r-kqhp" }, { "vulnerability": "VCID-wh14-k3ex-pubq" }, { "vulnerability": "VCID-yvcy-4e8m-p3b8" }, { "vulnerability": "VCID-ze8y-4wfs-hbf9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/magento/community-edition@2.4.2" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00731", "scoring_system": "epss", "scoring_elements": "0.73061", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-28566" }, { "reference_url": "https://github.com/magento/magento2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2" }, { "reference_url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/magento/magento2/commit/1bd5cb8c065e44779526c0b044ce19b884707695" }, { "reference_url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://helpx.adobe.com/security/products/magento/apsb21-30.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566", "reference_id": "CVE-2021-28566", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28566" }, { "reference_url": "https://github.com/advisories/GHSA-w942-fw92-mqm2", "reference_id": "GHSA-w942-fw92-mqm2", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w942-fw92-mqm2" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 200, "name": "Exposure of Sensitive Information to an Unauthorized Actor", "description": "The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information." } ], "exploits": [], "severity_range_score": "0.1 - 3.7", "exploitability": "0.5", "weighted_severity": "3.3", "risk_score": 1.6, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1k4q-2ttb-13hd" }