Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/element-web@1.11.4-r0?arch=armv7&distroversion=v3.19&reponame=community
Typeapk
Namespacealpine
Nameelement-web
Version1.11.4-r0
Qualifiers
arch armv7
distroversion v3.19
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.11.7-r0
Latest_non_vulnerable_version1.11.30-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-cw2e-p5x2-j7fu
vulnerability_id VCID-cw2e-p5x2-j7fu
summary 
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This issue has been fixed in matrix-js-sdk 19.4.0 and users are advised to upgrade. Users unable to upgrade may mitigate this issue by redacting applicable events, waiting for the sync processor to store data, and restarting the client. Alternatively, redacting the applicable events and clearing all storage will often fix most perceived issues. In some cases, no workarounds are possible.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36059.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36059.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36059
reference_id
reference_type
scores
0
value 0.00567
scoring_system epss
scoring_elements 0.68538
published_at 2026-04-18T12:55:00Z
1
value 0.00567
scoring_system epss
scoring_elements 0.68525
published_at 2026-04-16T12:55:00Z
2
value 0.00567
scoring_system epss
scoring_elements 0.68486
published_at 2026-04-13T12:55:00Z
3
value 0.00567
scoring_system epss
scoring_elements 0.68518
published_at 2026-04-12T12:55:00Z
4
value 0.00567
scoring_system epss
scoring_elements 0.6853
published_at 2026-04-11T12:55:00Z
5
value 0.00567
scoring_system epss
scoring_elements 0.68504
published_at 2026-04-09T12:55:00Z
6
value 0.00567
scoring_system epss
scoring_elements 0.68487
published_at 2026-04-08T12:55:00Z
7
value 0.00567
scoring_system epss
scoring_elements 0.68437
published_at 2026-04-07T12:55:00Z
8
value 0.00567
scoring_system epss
scoring_elements 0.68441
published_at 2026-04-02T12:55:00Z
9
value 0.00567
scoring_system epss
scoring_elements 0.6846
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36059
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36059
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36059
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/matrix-org/matrix-js-sdk
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/matrix-org/matrix-js-sdk
5
reference_url https://github.com/matrix-org/matrix-js-sdk/releases/tag/v19.4.0
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/matrix-org/matrix-js-sdk/releases/tag/v19.4.0
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018970
reference_id 1018970
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018970
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2123258
reference_id 2123258
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2123258
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-36059
reference_id CVE-2022-36059
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-36059
9
reference_url https://github.com/advisories/GHSA-rfv9-x7hh-xc32
reference_id GHSA-rfv9-x7hh-xc32
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rfv9-x7hh-xc32
10
reference_url https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32
reference_id GHSA-rfv9-x7hh-xc32
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:05:25Z/
url https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-38
reference_id mfsa2022-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-38
12
reference_url https://access.redhat.com/errata/RHSA-2022:6708
reference_id RHSA-2022:6708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6708
13
reference_url https://access.redhat.com/errata/RHSA-2022:6710
reference_id RHSA-2022:6710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6710
14
reference_url https://access.redhat.com/errata/RHSA-2022:6713
reference_id RHSA-2022:6713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6713
15
reference_url https://access.redhat.com/errata/RHSA-2022:6715
reference_id RHSA-2022:6715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6715
16
reference_url https://access.redhat.com/errata/RHSA-2022:6716
reference_id RHSA-2022:6716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6716
17
reference_url https://access.redhat.com/errata/RHSA-2022:6717
reference_id RHSA-2022:6717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6717
18
reference_url https://usn.ubuntu.com/5663-1/
reference_id USN-5663-1
reference_type
scores
url https://usn.ubuntu.com/5663-1/
fixed_packages
0
url pkg:apk/alpine/element-web@1.11.4-r0?arch=armv7&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/element-web@1.11.4-r0?arch=armv7&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/element-web@1.11.4-r0%3Farch=armv7&distroversion=v3.19&reponame=community
aliases CVE-2022-36059, GHSA-rfv9-x7hh-xc32
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cw2e-p5x2-j7fu
1
url VCID-ybpz-t956-k7fb
vulnerability_id VCID-ybpz-t956-k7fb
summary 
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. Events sent with special strings in key places can temporarily disrupt or impede the matrix-react-sdk from functioning properly, such as by causing room or event tile crashes. The remainder of the application can appear functional, though certain rooms/events will not be rendered. This issue has been fixed in matrix-react-sdk 3.53.0 and users are advised to upgrade. There are no known workarounds for this vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36060
reference_id
reference_type
scores
0
value 0.00424
scoring_system epss
scoring_elements 0.62213
published_at 2026-04-12T12:55:00Z
1
value 0.00424
scoring_system epss
scoring_elements 0.62243
published_at 2026-04-18T12:55:00Z
2
value 0.00424
scoring_system epss
scoring_elements 0.62236
published_at 2026-04-16T12:55:00Z
3
value 0.00424
scoring_system epss
scoring_elements 0.62192
published_at 2026-04-13T12:55:00Z
4
value 0.0044
scoring_system epss
scoring_elements 0.63138
published_at 2026-04-02T12:55:00Z
5
value 0.0044
scoring_system epss
scoring_elements 0.63167
published_at 2026-04-04T12:55:00Z
6
value 0.0044
scoring_system epss
scoring_elements 0.63132
published_at 2026-04-07T12:55:00Z
7
value 0.0044
scoring_system epss
scoring_elements 0.63184
published_at 2026-04-08T12:55:00Z
8
value 0.0044
scoring_system epss
scoring_elements 0.63201
published_at 2026-04-09T12:55:00Z
9
value 0.0044
scoring_system epss
scoring_elements 0.63219
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36060
1
reference_url https://github.com/matrix-org/matrix-react-sdk
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/matrix-org/matrix-react-sdk
2
reference_url https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.53.0
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.53.0
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-36060
reference_id CVE-2022-36060
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-36060
4
reference_url https://github.com/advisories/GHSA-2x9c-qwgf-94xr
reference_id GHSA-2x9c-qwgf-94xr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2x9c-qwgf-94xr
5
reference_url https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-2x9c-qwgf-94xr
reference_id GHSA-2x9c-qwgf-94xr
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T19:56:40Z/
url https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-2x9c-qwgf-94xr
fixed_packages
0
url pkg:apk/alpine/element-web@1.11.4-r0?arch=armv7&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/element-web@1.11.4-r0?arch=armv7&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/element-web@1.11.4-r0%3Farch=armv7&distroversion=v3.19&reponame=community
aliases CVE-2022-36060, GHSA-2x9c-qwgf-94xr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ybpz-t956-k7fb
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/element-web@1.11.4-r0%3Farch=armv7&distroversion=v3.19&reponame=community