Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/54901?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54901?format=api", "vulnerability_id": "VCID-qymv-b76a-2yh2", "summary": "Ez Platform Object Injection in legacy shop module\nThis Security Advisory is about a vulnerability in the Legacy shop module. A backend editor could perform object injection in discount rules. This would require backend access and permission to edit discount rules. While object injection in itself is a serious vulnerability, the permission requirement means that normally only administrators would be able to exploit it, that's why it was classified as Medium severity.", "aliases": [ { "alias": "GHSA-39j2-4p9j-5w4j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/534871?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.7.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.7.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/534879?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2019.03.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.03.5.1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/56948?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@5.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2adj-kpzr-eycv" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-a651-ayct-2fa1" }, { "vulnerability": "VCID-eaqz-xw6f-6yeb" }, { "vulnerability": "VCID-f41r-p9hu-hyhx" }, { "vulnerability": "VCID-gnad-89bk-x7cq" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-rkq7-5cdy-k7d8" }, { "vulnerability": "VCID-ufw5-emg4-cqd6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@5.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/81395?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2975-xhf4-ckcj" }, { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-2adj-kpzr-eycv" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-a651-ayct-2fa1" }, { "vulnerability": "VCID-bmkb-zcyd-6kdk" }, { "vulnerability": "VCID-eaqz-xw6f-6yeb" }, { "vulnerability": "VCID-f41r-p9hu-hyhx" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-rkq7-5cdy-k7d8" }, { "vulnerability": "VCID-ufw5-emg4-cqd6" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/216354?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2975-xhf4-ckcj" }, { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-2adj-kpzr-eycv" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-a651-ayct-2fa1" }, { "vulnerability": "VCID-bmkb-zcyd-6kdk" }, { "vulnerability": "VCID-eaqz-xw6f-6yeb" }, { "vulnerability": "VCID-f41r-p9hu-hyhx" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-rkq7-5cdy-k7d8" }, { "vulnerability": "VCID-ufw5-emg4-cqd6" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/216355?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.1.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2975-xhf4-ckcj" }, { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-2adj-kpzr-eycv" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-a651-ayct-2fa1" }, { "vulnerability": "VCID-bmkb-zcyd-6kdk" }, { "vulnerability": "VCID-eaqz-xw6f-6yeb" }, { "vulnerability": "VCID-f41r-p9hu-hyhx" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-rkq7-5cdy-k7d8" }, { "vulnerability": "VCID-ufw5-emg4-cqd6" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.1.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/216356?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2975-xhf4-ckcj" }, { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-2adj-kpzr-eycv" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-a651-ayct-2fa1" }, { "vulnerability": "VCID-bmkb-zcyd-6kdk" }, { "vulnerability": "VCID-eaqz-xw6f-6yeb" }, { "vulnerability": "VCID-f41r-p9hu-hyhx" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-rkq7-5cdy-k7d8" }, { "vulnerability": "VCID-ufw5-emg4-cqd6" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/228264?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.2.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2975-xhf4-ckcj" }, { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-2adj-kpzr-eycv" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-eaqz-xw6f-6yeb" }, { "vulnerability": "VCID-f41r-p9hu-hyhx" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-rkq7-5cdy-k7d8" }, { "vulnerability": "VCID-ufw5-emg4-cqd6" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.2.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/228265?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.2.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2975-xhf4-ckcj" }, { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-2adj-kpzr-eycv" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-eaqz-xw6f-6yeb" }, { "vulnerability": "VCID-f41r-p9hu-hyhx" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-rkq7-5cdy-k7d8" }, { "vulnerability": "VCID-ufw5-emg4-cqd6" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.2.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/228266?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2975-xhf4-ckcj" }, { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-2adj-kpzr-eycv" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-eaqz-xw6f-6yeb" }, { "vulnerability": "VCID-f41r-p9hu-hyhx" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-rkq7-5cdy-k7d8" }, { "vulnerability": "VCID-ufw5-emg4-cqd6" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/228267?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2975-xhf4-ckcj" }, { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-2adj-kpzr-eycv" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-eaqz-xw6f-6yeb" }, { "vulnerability": "VCID-f41r-p9hu-hyhx" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-rkq7-5cdy-k7d8" }, { "vulnerability": "VCID-ufw5-emg4-cqd6" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/228268?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.3.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2975-xhf4-ckcj" }, { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-2adj-kpzr-eycv" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-eaqz-xw6f-6yeb" }, { "vulnerability": "VCID-f41r-p9hu-hyhx" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-rkq7-5cdy-k7d8" }, { "vulnerability": "VCID-ufw5-emg4-cqd6" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.3.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/228269?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2975-xhf4-ckcj" }, { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-2adj-kpzr-eycv" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-eaqz-xw6f-6yeb" }, { "vulnerability": "VCID-f41r-p9hu-hyhx" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-rkq7-5cdy-k7d8" }, { "vulnerability": "VCID-ufw5-emg4-cqd6" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/228279?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-2adj-kpzr-eycv" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-eaqz-xw6f-6yeb" }, { "vulnerability": "VCID-f41r-p9hu-hyhx" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-ufw5-emg4-cqd6" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.4.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/228782?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-eaqz-xw6f-6yeb" }, { "vulnerability": "VCID-f41r-p9hu-hyhx" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/250596?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.4.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.4.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/250597?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.5" }, { "url": "http://public2.vulnerablecode.io/api/packages/250598?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.6" }, { "url": "http://public2.vulnerablecode.io/api/packages/250599?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.7" }, { "url": "http://public2.vulnerablecode.io/api/packages/250600?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2017.12.7.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-qymv-b76a-2yh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2017.12.7.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/56951?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2019.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-8zn2-ztg4-s3ex" }, { "vulnerability": "VCID-qymv-b76a-2yh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/250603?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2019.03.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.03.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/250604?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2019.03.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.03.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/250605?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2019.03.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.03.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/250606?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2019.03.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.03.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/250607?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2019.03.4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-6cyy-uhhk-63aa" }, { "vulnerability": "VCID-qymv-b76a-2yh2" }, { "vulnerability": "VCID-ukn1-91je-x7hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.03.4" }, { "url": "http://public2.vulnerablecode.io/api/packages/250608?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2019.03.4.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-qymv-b76a-2yh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.03.4.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/534878?format=api", "purl": "pkg:composer/ezsystems/ezpublish-legacy@2019.03.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29ju-364n-qkch" }, { "vulnerability": "VCID-qymv-b76a-2yh2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/ezsystems/ezpublish-legacy@2019.03.5" } ], "references": [ { "reference_url": "https://ezplatform.com/security-advisories/ibexa-sa-2020-006-object-injection-in-legacy-shop-module", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://ezplatform.com/security-advisories/ibexa-sa-2020-006-object-injection-in-legacy-shop-module" }, { "reference_url": "https://github.com/ezsystems/ezpublish-legacy", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ezsystems/ezpublish-legacy" }, { "reference_url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/ezsystems/ezpublish-legacy/2020-10-05-1.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/ezsystems/ezpublish-legacy/2020-10-05-1.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-39j2-4p9j-5w4j", "reference_id": "GHSA-39j2-4p9j-5w4j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-39j2-4p9j-5w4j" } ], "weaknesses": [ { "cwe_id": 94, "name": "Improper Control of Generation of Code ('Code Injection')", "description": "The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qymv-b76a-2yh2" }