{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8773?format=json","vulnerability_id":"VCID-raa9-mp3v-57c3","summary":"ReDoS\nThere is a Regular Expression Denial of Service vulnerability in the strict mode functionality.","aliases":[{"alias":"GMS-2018-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26428?format=json","purl":"pkg:npm/ssri@5.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-w93e-wkm9-kuex"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@5.2.2"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/167958?format=json","purl":"pkg:npm/ssri@0.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@0.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/167959?format=json","purl":"pkg:npm/ssri@1.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@1.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/167960?format=json","purl":"pkg:npm/ssri@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/167961?format=json","purl":"pkg:npm/ssri@3.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@3.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/167962?format=json","purl":"pkg:npm/ssri@3.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@3.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/167963?format=json","purl":"pkg:npm/ssri@3.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@3.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/167964?format=json","purl":"pkg:npm/ssri@4.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@4.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/167965?format=json","purl":"pkg:npm/ssri@4.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@4.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/167966?format=json","purl":"pkg:npm/ssri@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/167967?format=json","purl":"pkg:npm/ssri@4.1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@4.1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/167968?format=json","purl":"pkg:npm/ssri@4.1.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@4.1.3"},{"url":"http://public2.vulnerablecode.io/api/packages/167969?format=json","purl":"pkg:npm/ssri@4.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@4.1.4"},{"url":"http://public2.vulnerablecode.io/api/packages/167970?format=json","purl":"pkg:npm/ssri@4.1.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@4.1.5"},{"url":"http://public2.vulnerablecode.io/api/packages/167971?format=json","purl":"pkg:npm/ssri@4.1.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@4.1.6"},{"url":"http://public2.vulnerablecode.io/api/packages/167972?format=json","purl":"pkg:npm/ssri@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@5.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/167973?format=json","purl":"pkg:npm/ssri@5.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@5.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/26427?format=json","purl":"pkg:npm/ssri@5.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-r77r-rudr-sffr"},{"vulnerability":"VCID-raa9-mp3v-57c3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:npm/ssri@5.2.1"}],"references":[{"reference_url":"https://github.com/zkat/ssri/commit/d0ebcdc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/zkat/ssri/commit/d0ebcdc"},{"reference_url":"https://github.com/zkat/ssri/pull/10","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/zkat/ssri/pull/10"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-raa9-mp3v-57c3"}