Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie

Type deb

Namespace debian

Name zabbix

Version 1:6.0.7+dfsg-2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:6.0.13+dfsg-1

Latest_non_vulnerable_version 1:7.0.22+dfsg-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-18fv-tqjq-p3ce

vulnerability_id VCID-18fv-tqjq-p3ce

summary An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim. This attack can be implemented with the help of social engineering and expiration of a number of factors - an attacker should have authorized access to the Zabbix Frontend and allowed network connection between a malicious server and victim’s computer, understand attacked infrastructure, be recognized by the victim as a trustee and use trusted communication channel.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24349

reference_id

reference_type

scores

value	0.00213
scoring_system	epss
scoring_elements	0.43854
published_at	2026-04-13T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43878
published_at	2026-04-02T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43902
published_at	2026-04-04T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43832
published_at	2026-04-07T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43883
published_at	2026-04-08T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43886
published_at	2026-04-09T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43904
published_at	2026-04-11T12:55:00Z

value	0.00213
scoring_system	epss
scoring_elements	0.43871
published_at	2026-04-12T12:55:00Z

value	0.00849
scoring_system	epss
scoring_elements	0.74902
published_at	2026-04-21T12:55:00Z

value	0.00849
scoring_system	epss
scoring_elements	0.74904
published_at	2026-04-16T12:55:00Z

value	0.00849
scoring_system	epss
scoring_elements	0.74911
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24349

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-24349

risk_score 1.1

exploitability 0.5

weighted_severity 2.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-18fv-tqjq-p3ce

url VCID-2hd4-rbph-5qd8

vulnerability_id VCID-2hd4-rbph-5qd8

summary An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-23133

reference_id

reference_type

scores

value	0.00963
scoring_system	epss
scoring_elements	0.76565
published_at	2026-04-21T12:55:00Z

value	0.00963
scoring_system	epss
scoring_elements	0.76477
published_at	2026-04-02T12:55:00Z

value	0.00963
scoring_system	epss
scoring_elements	0.76506
published_at	2026-04-04T12:55:00Z

value	0.00963
scoring_system	epss
scoring_elements	0.76489
published_at	2026-04-07T12:55:00Z

value	0.00963
scoring_system	epss
scoring_elements	0.76521
published_at	2026-04-08T12:55:00Z

value	0.00963
scoring_system	epss
scoring_elements	0.76532
published_at	2026-04-13T12:55:00Z

value	0.00963
scoring_system	epss
scoring_elements	0.76558
published_at	2026-04-11T12:55:00Z

value	0.00963
scoring_system	epss
scoring_elements	0.76537
published_at	2026-04-12T12:55:00Z

value	0.00963
scoring_system	epss
scoring_elements	0.76573
published_at	2026-04-16T12:55:00Z

value	0.00963
scoring_system	epss
scoring_elements	0.76577
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-23133

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23133
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23133

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-23133

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2hd4-rbph-5qd8

url VCID-69kr-fmzb-nbdr

vulnerability_id VCID-69kr-fmzb-nbdr

summary Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0 this allows for remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-27234

reference_id

reference_type

scores

value	0.00091
scoring_system	epss
scoring_elements	0.25637
published_at	2026-04-07T12:55:00Z

value	0.00091
scoring_system	epss
scoring_elements	0.25868
published_at	2026-04-04T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.2693
published_at	2026-04-13T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26983
published_at	2026-04-08T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27028
published_at	2026-04-09T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26987
published_at	2026-04-12T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27031
published_at	2026-04-11T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.2694
published_at	2026-04-16T12:55:00Z

value	0.001
scoring_system	epss
scoring_elements	0.2776
published_at	2026-04-02T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30678
published_at	2026-04-18T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30644
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-27234

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27234
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27234

reference_url

https://support.zabbix.com/browse/ZBX-26985

reference_id

ZBX-26985

reference_type

scores

value	7.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-12T15:16:38Z/

url

https://support.zabbix.com/browse/ZBX-26985

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.47%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.47%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.47%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2025-27234

risk_score 1.8

exploitability 0.5

weighted_severity 3.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-69kr-fmzb-nbdr

url VCID-8cpy-mqfn-y3f9

vulnerability_id VCID-8cpy-mqfn-y3f9

summary An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-35230

reference_id

reference_type

scores

value	0.00874
scoring_system	epss
scoring_elements	0.75306
published_at	2026-04-21T12:55:00Z

value	0.00874
scoring_system	epss
scoring_elements	0.75221
published_at	2026-04-02T12:55:00Z

value	0.00874
scoring_system	epss
scoring_elements	0.75251
published_at	2026-04-04T12:55:00Z

value	0.00874
scoring_system	epss
scoring_elements	0.75229
published_at	2026-04-07T12:55:00Z

value	0.00874
scoring_system	epss
scoring_elements	0.75271
published_at	2026-04-08T12:55:00Z

value	0.00874
scoring_system	epss
scoring_elements	0.75282
published_at	2026-04-09T12:55:00Z

value	0.00874
scoring_system	epss
scoring_elements	0.75302
published_at	2026-04-11T12:55:00Z

value	0.00874
scoring_system	epss
scoring_elements	0.7528
published_at	2026-04-12T12:55:00Z

value	0.00874
scoring_system	epss
scoring_elements	0.75269
published_at	2026-04-13T12:55:00Z

value	0.00874
scoring_system	epss
scoring_elements	0.75308
published_at	2026-04-16T12:55:00Z

value	0.00874
scoring_system	epss
scoring_elements	0.75315
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-35230

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35230
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35230

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014994
reference_id	1014994
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014994

reference_url	https://usn.ubuntu.com/6751-1/
reference_id	USN-6751-1
reference_type
scores
url	https://usn.ubuntu.com/6751-1/

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-35230

risk_score 1.1

exploitability 0.5

weighted_severity 2.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8cpy-mqfn-y3f9

url VCID-9aju-xvg1-n7e5

vulnerability_id VCID-9aju-xvg1-n7e5

summary An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-35229

reference_id

reference_type

scores

value	0.00808
scoring_system	epss
scoring_elements	0.74234
published_at	2026-04-21T12:55:00Z

value	0.00808
scoring_system	epss
scoring_elements	0.74152
published_at	2026-04-02T12:55:00Z

value	0.00808
scoring_system	epss
scoring_elements	0.74179
published_at	2026-04-04T12:55:00Z

value	0.00808
scoring_system	epss
scoring_elements	0.74151
published_at	2026-04-07T12:55:00Z

value	0.00808
scoring_system	epss
scoring_elements	0.74184
published_at	2026-04-08T12:55:00Z

value	0.00808
scoring_system	epss
scoring_elements	0.74199
published_at	2026-04-09T12:55:00Z

value	0.00808
scoring_system	epss
scoring_elements	0.7422
published_at	2026-04-11T12:55:00Z

value	0.00808
scoring_system	epss
scoring_elements	0.74203
published_at	2026-04-12T12:55:00Z

value	0.00808
scoring_system	epss
scoring_elements	0.74196
published_at	2026-04-13T12:55:00Z

value	0.00808
scoring_system	epss
scoring_elements	0.74233
published_at	2026-04-16T12:55:00Z

value	0.00808
scoring_system	epss
scoring_elements	0.74243
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-35229

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35229
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35229

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014992
reference_id	1014992
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014992

reference_url	https://usn.ubuntu.com/6751-1/
reference_id	USN-6751-1
reference_type
scores
url	https://usn.ubuntu.com/6751-1/

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-35229

risk_score 1.1

exploitability 0.5

weighted_severity 2.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9aju-xvg1-n7e5

url VCID-a13m-gsde-jyf3

vulnerability_id VCID-a13m-gsde-jyf3

summary An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-40626

reference_id

reference_type

scores

value	0.01866
scoring_system	epss
scoring_elements	0.83118
published_at	2026-04-21T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83028
published_at	2026-04-02T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83042
published_at	2026-04-04T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.8304
published_at	2026-04-07T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83064
published_at	2026-04-08T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83072
published_at	2026-04-09T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83088
published_at	2026-04-11T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83082
published_at	2026-04-12T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83077
published_at	2026-04-13T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83116
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-40626

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-40626

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a13m-gsde-jyf3

url VCID-f797-yxay-bffg

vulnerability_id VCID-f797-yxay-bffg

summary After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-23134

reference_id

reference_type

scores

value	0.93096
scoring_system	epss
scoring_elements	0.99792
published_at	2026-04-13T12:55:00Z

value	0.93096
scoring_system	epss
scoring_elements	0.99791
published_at	2026-04-07T12:55:00Z

value	0.93096
scoring_system	epss
scoring_elements	0.99794
published_at	2026-04-21T12:55:00Z

value	0.93096
scoring_system	epss
scoring_elements	0.99793
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-23134

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/

reference_id

6SZYHXINBKCY42ITFSNCYE7KCSF33VRA

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-29T17:20:09Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/

reference_url

https://lists.debian.org/debian-lts-announce/2022/02/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-29T17:20:09Z/

url

https://lists.debian.org/debian-lts-announce/2022/02/msg00008.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/

reference_id

VB6W556GVXOKUYTASTDGL3AI7S3SJHX7

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-29T17:20:09Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/

reference_url

https://support.zabbix.com/browse/ZBX-20384

reference_id

ZBX-20384

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-29T17:20:09Z/

url

https://support.zabbix.com/browse/ZBX-20384

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-23134

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f797-yxay-bffg

url VCID-gbn9-b2t2-5fbs

vulnerability_id VCID-gbn9-b2t2-5fbs

summary During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-23132

reference_id

reference_type

scores

value	0.00141
scoring_system	epss
scoring_elements	0.34335
published_at	2026-04-21T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34448
published_at	2026-04-02T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34477
published_at	2026-04-04T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34343
published_at	2026-04-07T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34386
published_at	2026-04-08T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34415
published_at	2026-04-09T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34418
published_at	2026-04-11T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34379
published_at	2026-04-12T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34355
published_at	2026-04-13T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34389
published_at	2026-04-16T12:55:00Z

value	0.00141
scoring_system	epss
scoring_elements	0.34375
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-23132

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23132
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23132

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-23132

risk_score 0.8

exploitability 0.5

weighted_severity 1.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gbn9-b2t2-5fbs

url VCID-mggj-rvdd-eqc6

vulnerability_id VCID-mggj-rvdd-eqc6

summary An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24917

reference_id

reference_type

scores

value	0.00301
scoring_system	epss
scoring_elements	0.53445
published_at	2026-04-13T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53387
published_at	2026-04-02T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53413
published_at	2026-04-04T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53382
published_at	2026-04-07T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53434
published_at	2026-04-08T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53429
published_at	2026-04-09T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53478
published_at	2026-04-11T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53462
published_at	2026-04-12T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75433
published_at	2026-04-21T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75438
published_at	2026-04-16T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75444
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24917

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-24917

risk_score 0.9

exploitability 0.5

weighted_severity 1.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mggj-rvdd-eqc6

url VCID-qhxc-w75p-kqaj

vulnerability_id VCID-qhxc-w75p-kqaj

summary An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24919

reference_id

reference_type

scores

value	0.00301
scoring_system	epss
scoring_elements	0.53445
published_at	2026-04-13T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53387
published_at	2026-04-02T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53413
published_at	2026-04-04T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53382
published_at	2026-04-07T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53434
published_at	2026-04-08T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53429
published_at	2026-04-09T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53478
published_at	2026-04-11T12:55:00Z

value	0.00301
scoring_system	epss
scoring_elements	0.53462
published_at	2026-04-12T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75433
published_at	2026-04-21T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75438
published_at	2026-04-16T12:55:00Z

value	0.00882
scoring_system	epss
scoring_elements	0.75444
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24919

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-24919

risk_score 0.9

exploitability 0.5

weighted_severity 1.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qhxc-w75p-kqaj

url VCID-uu3f-3rbn-9fad

vulnerability_id VCID-uu3f-3rbn-9fad

summary An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-24918

reference_id

reference_type

scores

value	0.0097
scoring_system	epss
scoring_elements	0.76651
published_at	2026-04-21T12:55:00Z

value	0.0097
scoring_system	epss
scoring_elements	0.76569
published_at	2026-04-02T12:55:00Z

value	0.0097
scoring_system	epss
scoring_elements	0.76598
published_at	2026-04-04T12:55:00Z

value	0.0097
scoring_system	epss
scoring_elements	0.76578
published_at	2026-04-07T12:55:00Z

value	0.0097
scoring_system	epss
scoring_elements	0.7661
published_at	2026-04-08T12:55:00Z

value	0.0097
scoring_system	epss
scoring_elements	0.76621
published_at	2026-04-09T12:55:00Z

value	0.0097
scoring_system	epss
scoring_elements	0.76647
published_at	2026-04-11T12:55:00Z

value	0.0097
scoring_system	epss
scoring_elements	0.76627
published_at	2026-04-12T12:55:00Z

value	0.0097
scoring_system	epss
scoring_elements	0.76617
published_at	2026-04-13T12:55:00Z

value	0.0097
scoring_system	epss
scoring_elements	0.76659
published_at	2026-04-16T12:55:00Z

value	0.0097
scoring_system	epss
scoring_elements	0.76663
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-24918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24918

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

fixed_packages

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-24918

risk_score 0.9

exploitability 0.5

weighted_severity 1.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uu3f-3rbn-9fad

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

Package Instance