Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/53330?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53330?format=api", "vulnerability_id": "VCID-g7t8-bbkj-t7d8", "summary": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in require-node.", "aliases": [ { "alias": "GHSA-8j6j-4h2c-c65p" }, { "alias": "GMS-2020-469" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/78377?format=api", "purl": "pkg:npm/require-node@1.3.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.3.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/78378?format=api", "purl": "pkg:npm/require-node@2.0.4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@2.0.4" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/270002?format=api", "purl": "pkg:npm/require-node@0.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@0.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270003?format=api", "purl": "pkg:npm/require-node@0.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@0.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/270004?format=api", "purl": "pkg:npm/require-node@0.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@0.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/270005?format=api", "purl": "pkg:npm/require-node@0.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@0.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/270006?format=api", "purl": "pkg:npm/require-node@0.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@0.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/270007?format=api", "purl": "pkg:npm/require-node@0.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@0.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/270008?format=api", "purl": "pkg:npm/require-node@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270009?format=api", "purl": "pkg:npm/require-node@1.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/270010?format=api", "purl": "pkg:npm/require-node@1.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/270011?format=api", "purl": "pkg:npm/require-node@1.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.0.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/270012?format=api", "purl": "pkg:npm/require-node@1.0.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.0.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/270013?format=api", "purl": "pkg:npm/require-node@1.0.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.0.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/270014?format=api", "purl": "pkg:npm/require-node@1.0.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.0.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/270015?format=api", "purl": "pkg:npm/require-node@1.0.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.0.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/270016?format=api", "purl": "pkg:npm/require-node@1.0.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.0.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/270017?format=api", "purl": "pkg:npm/require-node@1.0.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.0.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/270018?format=api", "purl": "pkg:npm/require-node@1.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270019?format=api", "purl": "pkg:npm/require-node@1.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/270020?format=api", "purl": "pkg:npm/require-node@1.1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/270021?format=api", "purl": "pkg:npm/require-node@1.1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/270022?format=api", "purl": "pkg:npm/require-node@1.1.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.1.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/270023?format=api", "purl": "pkg:npm/require-node@1.1.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.1.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/270024?format=api", "purl": "pkg:npm/require-node@1.1.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.1.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/270025?format=api", "purl": "pkg:npm/require-node@1.1.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.1.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/270026?format=api", "purl": "pkg:npm/require-node@1.1.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.1.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/270027?format=api", "purl": "pkg:npm/require-node@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270028?format=api", "purl": "pkg:npm/require-node@1.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/270029?format=api", "purl": "pkg:npm/require-node@1.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/270030?format=api", "purl": "pkg:npm/require-node@1.2.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/270031?format=api", "purl": "pkg:npm/require-node@1.2.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/270032?format=api", "purl": "pkg:npm/require-node@1.2.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/270033?format=api", "purl": "pkg:npm/require-node@1.2.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/270034?format=api", "purl": "pkg:npm/require-node@1.2.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/270035?format=api", "purl": "pkg:npm/require-node@1.2.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.8" }, { "url": "http://public2.vulnerablecode.io/api/packages/270036?format=api", "purl": "pkg:npm/require-node@1.2.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.9" }, { "url": "http://public2.vulnerablecode.io/api/packages/270037?format=api", "purl": "pkg:npm/require-node@1.2.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.10" }, { "url": "http://public2.vulnerablecode.io/api/packages/270038?format=api", "purl": "pkg:npm/require-node@1.2.11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/270039?format=api", "purl": "pkg:npm/require-node@1.2.12", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.12" }, { "url": "http://public2.vulnerablecode.io/api/packages/270040?format=api", "purl": "pkg:npm/require-node@1.2.13", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.2.13" }, { "url": "http://public2.vulnerablecode.io/api/packages/270041?format=api", "purl": "pkg:npm/require-node@1.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270042?format=api", "purl": "pkg:npm/require-node@1.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/270043?format=api", "purl": "pkg:npm/require-node@1.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/270044?format=api", "purl": "pkg:npm/require-node@1.3.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@1.3.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/78376?format=api", "purl": "pkg:npm/require-node@2.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@2.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/270045?format=api", "purl": "pkg:npm/require-node@2.0.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@2.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/270046?format=api", "purl": "pkg:npm/require-node@2.0.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@2.0.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/270047?format=api", "purl": "pkg:npm/require-node@2.0.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-g7t8-bbkj-t7d8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:npm/require-node@2.0.3" } ], "references": [ { "reference_url": "https://www.npmjs.com/advisories/1015", "reference_id": "", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.npmjs.com/advisories/1015" }, { "reference_url": "https://github.com/advisories/GHSA-8j6j-4h2c-c65p", "reference_id": "GHSA-8j6j-4h2c-c65p", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-8j6j-4h2c-c65p" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 78, "name": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "description": "The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." } ], "exploits": [], "severity_range_score": "9.0 - 10.0", "exploitability": "0.5", "weighted_severity": "9.0", "risk_score": 4.5, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g7t8-bbkj-t7d8" }