Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/ckeditor@4.19.0%2Bdfsg-1?distro=sid
Typedeb
Namespacedebian
Nameckeditor
Version4.19.0+dfsg-1
Qualifiers
distro sid
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version4.22.1+dfsg-1
Latest_non_vulnerable_version4.22.1+dfsg-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4x92-vapt-n7dz
vulnerability_id VCID-4x92-vapt-n7dz
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CKEditor4 is an open source WYSIWYG HTML editor. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, which could result in executing JavaScript code. It affects all users using the CKEditor 4 at The problem has been recognized and patched.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41165
reference_id
reference_type
scores
0
value 0.00117
scoring_system epss
scoring_elements 0.30384
published_at 2026-04-16T12:55:00Z
1
value 0.00117
scoring_system epss
scoring_elements 0.30364
published_at 2026-04-18T12:55:00Z
2
value 0.00117
scoring_system epss
scoring_elements 0.30478
published_at 2026-04-01T12:55:00Z
3
value 0.00117
scoring_system epss
scoring_elements 0.30506
published_at 2026-04-02T12:55:00Z
4
value 0.00117
scoring_system epss
scoring_elements 0.30552
published_at 2026-04-04T12:55:00Z
5
value 0.00117
scoring_system epss
scoring_elements 0.30362
published_at 2026-04-07T12:55:00Z
6
value 0.00117
scoring_system epss
scoring_elements 0.30422
published_at 2026-04-08T12:55:00Z
7
value 0.00117
scoring_system epss
scoring_elements 0.30456
published_at 2026-04-09T12:55:00Z
8
value 0.00117
scoring_system epss
scoring_elements 0.30459
published_at 2026-04-11T12:55:00Z
9
value 0.00117
scoring_system epss
scoring_elements 0.30415
published_at 2026-04-12T12:55:00Z
10
value 0.00117
scoring_system epss
scoring_elements 0.30366
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41165
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41165
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41165
2
reference_url https://github.com/ckeditor/ckeditor4
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ckeditor/ckeditor4
3
reference_url https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-417
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-417
4
reference_url https://www.drupal.org/sa-core-2021-011
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2021-011
5
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
6
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
7
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015217
reference_id 1015217
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015217
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999909
reference_id 999909
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999909
10
reference_url https://security.archlinux.org/AVG-2565
reference_id AVG-2565
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2565
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41165
reference_id CVE-2021-41165
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41165
12
reference_url https://github.com/advisories/GHSA-7h26-63m7-qhf2
reference_id GHSA-7h26-63m7-qhf2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7h26-63m7-qhf2
13
reference_url https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-7h26-63m7-qhf2
reference_id GHSA-7h26-63m7-qhf2
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements
1
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-7h26-63m7-qhf2
fixed_packages
0
url pkg:deb/debian/ckeditor@4.19.0%2Bdfsg-1?distro=sid
purl pkg:deb/debian/ckeditor@4.19.0%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ckeditor@4.19.0%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/ckeditor@4.19.1%2Bdfsg-1?distro=sid
purl pkg:deb/debian/ckeditor@4.19.1%2Bdfsg-1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-k7qp-c6vp-sqbg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ckeditor@4.19.1%252Bdfsg-1%3Fdistro=sid
2
url pkg:deb/debian/ckeditor@4.22.1%2Bdfsg1-2?distro=sid
purl pkg:deb/debian/ckeditor@4.22.1%2Bdfsg1-2?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3tqv-ppue-57fr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ckeditor@4.22.1%252Bdfsg1-2%3Fdistro=sid
aliases CVE-2021-41165, GHSA-7h26-63m7-qhf2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4x92-vapt-n7dz
1
url VCID-8hvk-a5es-v3e4
vulnerability_id VCID-8hvk-a5es-v3e4
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CKEditor4 is an open source WYSIWYG HTML editor. The vulnerability allowed to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41164
reference_id
reference_type
scores
0
value 0.00076
scoring_system epss
scoring_elements 0.22997
published_at 2026-04-04T12:55:00Z
1
value 0.00076
scoring_system epss
scoring_elements 0.22851
published_at 2026-04-18T12:55:00Z
2
value 0.00076
scoring_system epss
scoring_elements 0.22857
published_at 2026-04-16T12:55:00Z
3
value 0.00076
scoring_system epss
scoring_elements 0.22916
published_at 2026-04-09T12:55:00Z
4
value 0.00076
scoring_system epss
scoring_elements 0.22863
published_at 2026-04-08T12:55:00Z
5
value 0.00076
scoring_system epss
scoring_elements 0.22783
published_at 2026-04-01T12:55:00Z
6
value 0.00076
scoring_system epss
scoring_elements 0.22789
published_at 2026-04-07T12:55:00Z
7
value 0.00076
scoring_system epss
scoring_elements 0.22953
published_at 2026-04-02T12:55:00Z
8
value 0.00076
scoring_system epss
scoring_elements 0.22843
published_at 2026-04-13T12:55:00Z
9
value 0.00076
scoring_system epss
scoring_elements 0.229
published_at 2026-04-12T12:55:00Z
10
value 0.00076
scoring_system epss
scoring_elements 0.22936
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41164
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41164
2
reference_url https://github.com/ckeditor/ckeditor4
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ckeditor/ckeditor4
3
reference_url https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-417
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-417
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6/
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP/
8
reference_url https://www.drupal.org/sa-core-2021-011
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.drupal.org/sa-core-2021-011
9
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
10
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2022.html
11
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999909
reference_id 999909
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999909
13
reference_url https://security.archlinux.org/AVG-2565
reference_id AVG-2565
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2565
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-41164
reference_id CVE-2021-41164
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-41164
15
reference_url https://github.com/advisories/GHSA-pvmx-g8h5-cprj
reference_id GHSA-pvmx-g8h5-cprj
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pvmx-g8h5-cprj
16
reference_url https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-pvmx-g8h5-cprj
reference_id GHSA-pvmx-g8h5-cprj
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements
1
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-pvmx-g8h5-cprj
fixed_packages
0
url pkg:deb/debian/ckeditor@4.19.0%2Bdfsg-1?distro=sid
purl pkg:deb/debian/ckeditor@4.19.0%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ckeditor@4.19.0%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/ckeditor@4.19.1%2Bdfsg-1?distro=sid
purl pkg:deb/debian/ckeditor@4.19.1%2Bdfsg-1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-k7qp-c6vp-sqbg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ckeditor@4.19.1%252Bdfsg-1%3Fdistro=sid
2
url pkg:deb/debian/ckeditor@4.22.1%2Bdfsg1-2?distro=sid
purl pkg:deb/debian/ckeditor@4.22.1%2Bdfsg1-2?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3tqv-ppue-57fr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ckeditor@4.22.1%252Bdfsg1-2%3Fdistro=sid
aliases CVE-2021-41164, GHSA-pvmx-g8h5-cprj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8hvk-a5es-v3e4
2
url VCID-un66-k85j-b7d2
vulnerability_id VCID-un66-k85j-b7d2
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. This problem has been patched in version 4.18.0. There are currently no known workarounds.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24728
reference_id
reference_type
scores
0
value 0.00796
scoring_system epss
scoring_elements 0.73937
published_at 2026-04-02T12:55:00Z
1
value 0.00796
scoring_system epss
scoring_elements 0.73978
published_at 2026-04-13T12:55:00Z
2
value 0.00796
scoring_system epss
scoring_elements 0.73986
published_at 2026-04-12T12:55:00Z
3
value 0.00796
scoring_system epss
scoring_elements 0.74004
published_at 2026-04-11T12:55:00Z
4
value 0.00796
scoring_system epss
scoring_elements 0.73981
published_at 2026-04-09T12:55:00Z
5
value 0.00796
scoring_system epss
scoring_elements 0.73967
published_at 2026-04-08T12:55:00Z
6
value 0.00796
scoring_system epss
scoring_elements 0.73933
published_at 2026-04-07T12:55:00Z
7
value 0.00796
scoring_system epss
scoring_elements 0.73962
published_at 2026-04-04T12:55:00Z
8
value 0.01069
scoring_system epss
scoring_elements 0.77755
published_at 2026-04-18T12:55:00Z
9
value 0.01069
scoring_system epss
scoring_elements 0.77756
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24728
1
reference_url https://ckeditor.com/cke4/release/CKEditor-4.18.0
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:08:59Z/
url https://ckeditor.com/cke4/release/CKEditor-4.18.0
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24728
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24728
3
reference_url https://github.com/ckeditor/ckeditor4
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ckeditor/ckeditor4
4
reference_url https://github.com/ckeditor/ckeditor4/commit/d158413449692d920a778503502dcb22881bc949
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:08:59Z/
url https://github.com/ckeditor/ckeditor4/commit/d158413449692d920a778503502dcb22881bc949
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP/
9
reference_url https://securitylab.github.com/advisories/GHSL-2022-009_ckeditor4
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://securitylab.github.com/advisories/GHSL-2022-009_ckeditor4
10
reference_url https://securitylab.github.com/advisories/GHSL-2022-009_ckeditor4/
reference_id
reference_type
scores
url https://securitylab.github.com/advisories/GHSL-2022-009_ckeditor4/
11
reference_url https://www.drupal.org/sa-core-2022-005
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:08:59Z/
url https://www.drupal.org/sa-core-2022-005
12
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:08:59Z/
url https://www.oracle.com/security-alerts/cpujul2022.html
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015217
reference_id 1015217
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015217
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24728
reference_id CVE-2022-24728
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24728
15
reference_url https://github.com/advisories/GHSA-4fc4-4p5g-6w89
reference_id GHSA-4fc4-4p5g-6w89
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4fc4-4p5g-6w89
16
reference_url https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-4fc4-4p5g-6w89
reference_id GHSA-4fc4-4p5g-6w89
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements
1
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:08:59Z/
url https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-4fc4-4p5g-6w89
17
reference_url https://usn.ubuntu.com/7258-1/
reference_id USN-7258-1
reference_type
scores
url https://usn.ubuntu.com/7258-1/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6/
reference_id VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:08:59Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP/
reference_id WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:08:59Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP/
fixed_packages
0
url pkg:deb/debian/ckeditor@4.19.0%2Bdfsg-1?distro=sid
purl pkg:deb/debian/ckeditor@4.19.0%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ckeditor@4.19.0%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/ckeditor@4.19.1%2Bdfsg-1?distro=sid
purl pkg:deb/debian/ckeditor@4.19.1%2Bdfsg-1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-k7qp-c6vp-sqbg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ckeditor@4.19.1%252Bdfsg-1%3Fdistro=sid
2
url pkg:deb/debian/ckeditor@4.22.1%2Bdfsg1-2?distro=sid
purl pkg:deb/debian/ckeditor@4.22.1%2Bdfsg1-2?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3tqv-ppue-57fr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ckeditor@4.22.1%252Bdfsg1-2%3Fdistro=sid
aliases CVE-2022-24728, GHSA-4fc4-4p5g-6w89
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-un66-k85j-b7d2
3
url VCID-xhp7-kqdk-tfeu
vulnerability_id VCID-xhp7-kqdk-tfeu
summary 
Improper Input Validation
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser tab freeze. A patch is available in version 4.18.0. There are currently no known workarounds.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24729
reference_id
reference_type
scores
0
value 0.00857
scoring_system epss
scoring_elements 0.74944
published_at 2026-04-02T12:55:00Z
1
value 0.00857
scoring_system epss
scoring_elements 0.74973
published_at 2026-04-04T12:55:00Z
2
value 0.00857
scoring_system epss
scoring_elements 0.74949
published_at 2026-04-07T12:55:00Z
3
value 0.00857
scoring_system epss
scoring_elements 0.74983
published_at 2026-04-08T12:55:00Z
4
value 0.00857
scoring_system epss
scoring_elements 0.74995
published_at 2026-04-09T12:55:00Z
5
value 0.00857
scoring_system epss
scoring_elements 0.75017
published_at 2026-04-11T12:55:00Z
6
value 0.00857
scoring_system epss
scoring_elements 0.74996
published_at 2026-04-12T12:55:00Z
7
value 0.00857
scoring_system epss
scoring_elements 0.74986
published_at 2026-04-13T12:55:00Z
8
value 0.00857
scoring_system epss
scoring_elements 0.75022
published_at 2026-04-16T12:55:00Z
9
value 0.00857
scoring_system epss
scoring_elements 0.75029
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24729
1
reference_url https://ckeditor.com/cke4/release/CKEditor-4.18.0
reference_id
reference_type
scores
url https://ckeditor.com/cke4/release/CKEditor-4.18.0
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24729
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24729
3
reference_url https://www.drupal.org/sa-core-2022-005
reference_id
reference_type
scores
url https://www.drupal.org/sa-core-2022-005
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24729
reference_id CVE-2022-24729
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-24729
5
reference_url https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-f6rf-9m92-x2hh
reference_id GHSA-f6rf-9m92-x2hh
reference_type
scores
url https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-f6rf-9m92-x2hh
fixed_packages
0
url pkg:deb/debian/ckeditor@4.19.0%2Bdfsg-1?distro=sid
purl pkg:deb/debian/ckeditor@4.19.0%2Bdfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ckeditor@4.19.0%252Bdfsg-1%3Fdistro=sid
1
url pkg:deb/debian/ckeditor@4.19.1%2Bdfsg-1?distro=sid
purl pkg:deb/debian/ckeditor@4.19.1%2Bdfsg-1?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-k7qp-c6vp-sqbg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ckeditor@4.19.1%252Bdfsg-1%3Fdistro=sid
2
url pkg:deb/debian/ckeditor@4.22.1%2Bdfsg1-2?distro=sid
purl pkg:deb/debian/ckeditor@4.22.1%2Bdfsg1-2?distro=sid
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3tqv-ppue-57fr
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ckeditor@4.22.1%252Bdfsg1-2%3Fdistro=sid
aliases CVE-2022-24729, GHSA-f6rf-9m92-x2hh
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xhp7-kqdk-tfeu
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/ckeditor@4.19.0%252Bdfsg-1%3Fdistro=sid