Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/50182?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50182?format=api", "vulnerability_id": "VCID-daww-8648-tqax", "summary": "Moderate severity vulnerability that affects sprockets\nWithdrawn, accidental duplicate publish.\n\nMultiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding.", "aliases": [ { "alias": "GHSA-r4x3-g983-9g48" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/20866?format=api", "purl": "pkg:gem/sprockets@2.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/20867?format=api", "purl": "pkg:gem/sprockets@2.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20871?format=api", "purl": "pkg:gem/sprockets@2.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/20873?format=api", "purl": "pkg:gem/sprockets@2.4.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/20874?format=api", "purl": "pkg:gem/sprockets@2.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20875?format=api", "purl": "pkg:gem/sprockets@2.7.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.7.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/20876?format=api", "purl": "pkg:gem/sprockets@2.8.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.8.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/20877?format=api", "purl": "pkg:gem/sprockets@2.9.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.9.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/20868?format=api", "purl": "pkg:gem/sprockets@2.10.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.10.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20869?format=api", "purl": "pkg:gem/sprockets@2.11.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.11.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/20870?format=api", "purl": "pkg:gem/sprockets@2.12.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.12.3" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/133177?format=api", "purl": "pkg:gem/sprockets@0.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@0.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133178?format=api", "purl": "pkg:gem/sprockets@0.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@0.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/133179?format=api", "purl": "pkg:gem/sprockets@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133180?format=api", "purl": "pkg:gem/sprockets@1.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@1.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/133181?format=api", "purl": "pkg:gem/sprockets@1.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@1.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/20853?format=api", "purl": "pkg:gem/sprockets@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133182?format=api", "purl": "pkg:gem/sprockets@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/133183?format=api", "purl": "pkg:gem/sprockets@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/133184?format=api", "purl": "pkg:gem/sprockets@2.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/133185?format=api", "purl": "pkg:gem/sprockets@2.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/133187?format=api", "purl": "pkg:gem/sprockets@2.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133188?format=api", "purl": "pkg:gem/sprockets@2.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/133189?format=api", "purl": "pkg:gem/sprockets@2.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/133190?format=api", "purl": "pkg:gem/sprockets@2.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/133192?format=api", "purl": "pkg:gem/sprockets@2.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133193?format=api", "purl": "pkg:gem/sprockets@2.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/133194?format=api", "purl": "pkg:gem/sprockets@2.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/133199?format=api", "purl": "pkg:gem/sprockets@2.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133200?format=api", "purl": "pkg:gem/sprockets@2.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/133201?format=api", "purl": "pkg:gem/sprockets@2.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/133202?format=api", "purl": "pkg:gem/sprockets@2.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/133203?format=api", "purl": "pkg:gem/sprockets@2.4.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/133204?format=api", "purl": "pkg:gem/sprockets@2.4.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.4.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/78159?format=api", "purl": "pkg:gem/sprockets@2.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133205?format=api", "purl": "pkg:gem/sprockets@2.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/173704?format=api", "purl": "pkg:gem/sprockets@2.6.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.6.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/133206?format=api", "purl": "pkg:gem/sprockets@2.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133207?format=api", "purl": "pkg:gem/sprockets@2.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133208?format=api", "purl": "pkg:gem/sprockets@2.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/133209?format=api", "purl": "pkg:gem/sprockets@2.8.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.8.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/133210?format=api", "purl": "pkg:gem/sprockets@2.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133211?format=api", "purl": "pkg:gem/sprockets@2.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.9.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/133212?format=api", "purl": "pkg:gem/sprockets@2.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.9.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/133213?format=api", "purl": "pkg:gem/sprockets@2.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133214?format=api", "purl": "pkg:gem/sprockets@2.10.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.10.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/133215?format=api", "purl": "pkg:gem/sprockets@2.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133216?format=api", "purl": "pkg:gem/sprockets@2.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/133217?format=api", "purl": "pkg:gem/sprockets@2.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/133218?format=api", "purl": "pkg:gem/sprockets@2.12.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-daww-8648-tqax" }, { "vulnerability": "VCID-g8de-56gr-37cf" }, { "vulnerability": "VCID-s6cp-dk5r-v3aw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:gem/sprockets@2.12.2" } ], "references": [ { "reference_url": "https://github.com/advisories/GHSA-r4x3-g983-9g48", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r4x3-g983-9g48" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7819", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7819" } ], "weaknesses": [], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-daww-8648-tqax" }