Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-qsxb-qjb1-mqfd
Summary
OpenStack Swift XML external entities (XXE) Injection
An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed).
Aliases
0
alias CVE-2022-47950
1
alias GHSA-274c-rx2j-2v3x
Fixed_packages
0
url pkg:deb/debian/swift@2.26.0-10%2Bdeb11u1
purl pkg:deb/debian/swift@2.26.0-10%2Bdeb11u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/swift@2.26.0-10%252Bdeb11u1
1
url pkg:deb/debian/swift@2.26.0-10%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/swift@2.26.0-10%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/swift@2.26.0-10%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/swift@2.30.0-4?distro=trixie
purl pkg:deb/debian/swift@2.30.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/swift@2.30.0-4%3Fdistro=trixie
3
url pkg:deb/debian/swift@2.30.1-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/swift@2.30.1-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/swift@2.30.1-0%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/swift@2.35.1-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/swift@2.35.1-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/swift@2.35.1-0%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/swift@2.37.1-3?distro=trixie
purl pkg:deb/debian/swift@2.37.1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/swift@2.37.1-3%3Fdistro=trixie
6
url pkg:pypi/swift@2.28.1
purl pkg:pypi/swift@2.28.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.28.1
7
url pkg:pypi/swift@2.29.2
purl pkg:pypi/swift@2.29.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.29.2
8
url pkg:pypi/swift@2.30.1
purl pkg:pypi/swift@2.30.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.30.1
Affected_packages
0
url pkg:deb/debian/swift@1.4.8-2%2Bdeb7u1
purl pkg:deb/debian/swift@1.4.8-2%2Bdeb7u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1k44-tzfw-pkhw
1
vulnerability VCID-4djj-fd3y-jqch
2
vulnerability VCID-4k1g-3b3h-1fbz
3
vulnerability VCID-4wxz-pgew-5uc4
4
vulnerability VCID-9sad-598q-vygc
5
vulnerability VCID-akvp-y5s1-x7eg
6
vulnerability VCID-cczb-m9jq-wbb2
7
vulnerability VCID-njnr-ngu6-7qdv
8
vulnerability VCID-qsxb-qjb1-mqfd
9
vulnerability VCID-y2t3-3pyp-tbd2
10
vulnerability VCID-yhkc-dkqq-x7fg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/swift@1.4.8-2%252Bdeb7u1
1
url pkg:deb/debian/swift@2.2.0-1
purl pkg:deb/debian/swift@2.2.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1k44-tzfw-pkhw
1
vulnerability VCID-4k1g-3b3h-1fbz
2
vulnerability VCID-4wxz-pgew-5uc4
3
vulnerability VCID-cczb-m9jq-wbb2
4
vulnerability VCID-qsxb-qjb1-mqfd
5
vulnerability VCID-yhkc-dkqq-x7fg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/swift@2.2.0-1
2
url pkg:deb/debian/swift@2.2.0-1%2Bdeb8u1
purl pkg:deb/debian/swift@2.2.0-1%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1k44-tzfw-pkhw
1
vulnerability VCID-4k1g-3b3h-1fbz
2
vulnerability VCID-4wxz-pgew-5uc4
3
vulnerability VCID-cczb-m9jq-wbb2
4
vulnerability VCID-qsxb-qjb1-mqfd
5
vulnerability VCID-yhkc-dkqq-x7fg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/swift@2.2.0-1%252Bdeb8u1
3
url pkg:deb/debian/swift@2.10.2-1~deb9u1~bpo8%2B1
purl pkg:deb/debian/swift@2.10.2-1~deb9u1~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4k1g-3b3h-1fbz
1
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/swift@2.10.2-1~deb9u1~bpo8%252B1
4
url pkg:deb/debian/swift@2.10.2-1~deb9u1
purl pkg:deb/debian/swift@2.10.2-1~deb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4k1g-3b3h-1fbz
1
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/swift@2.10.2-1~deb9u1
5
url pkg:deb/debian/swift@2.19.1-1
purl pkg:deb/debian/swift@2.19.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/swift@2.19.1-1
6
url pkg:pypi/swift@1.0.2
purl pkg:pypi/swift@1.0.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1k44-tzfw-pkhw
1
vulnerability VCID-4k1g-3b3h-1fbz
2
vulnerability VCID-4wxz-pgew-5uc4
3
vulnerability VCID-9sad-598q-vygc
4
vulnerability VCID-cczb-m9jq-wbb2
5
vulnerability VCID-njnr-ngu6-7qdv
6
vulnerability VCID-qsxb-qjb1-mqfd
7
vulnerability VCID-wf91-36ce-hbcz
8
vulnerability VCID-y2t3-3pyp-tbd2
9
vulnerability VCID-yhkc-dkqq-x7fg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@1.0.2
7
url pkg:pypi/swift@2.15.2
purl pkg:pypi/swift@2.15.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.15.2
8
url pkg:pypi/swift@2.17.1
purl pkg:pypi/swift@2.17.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.17.1
9
url pkg:pypi/swift@2.19.1
purl pkg:pypi/swift@2.19.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.19.1
10
url pkg:pypi/swift@2.19.2
purl pkg:pypi/swift@2.19.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.19.2
11
url pkg:pypi/swift@2.20.0
purl pkg:pypi/swift@2.20.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.20.0
12
url pkg:pypi/swift@2.21.0
purl pkg:pypi/swift@2.21.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.21.0
13
url pkg:pypi/swift@2.21.1
purl pkg:pypi/swift@2.21.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.21.1
14
url pkg:pypi/swift@2.22.0
purl pkg:pypi/swift@2.22.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.22.0
15
url pkg:pypi/swift@2.23.0
purl pkg:pypi/swift@2.23.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.23.0
16
url pkg:pypi/swift@2.23.1
purl pkg:pypi/swift@2.23.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.23.1
17
url pkg:pypi/swift@2.23.2
purl pkg:pypi/swift@2.23.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.23.2
18
url pkg:pypi/swift@2.23.3
purl pkg:pypi/swift@2.23.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.23.3
19
url pkg:pypi/swift@2.24.0
purl pkg:pypi/swift@2.24.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.24.0
20
url pkg:pypi/swift@2.25.0
purl pkg:pypi/swift@2.25.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.25.0
21
url pkg:pypi/swift@2.25.1
purl pkg:pypi/swift@2.25.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.25.1
22
url pkg:pypi/swift@2.25.2
purl pkg:pypi/swift@2.25.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.25.2
23
url pkg:pypi/swift@2.26.0
purl pkg:pypi/swift@2.26.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.26.0
24
url pkg:pypi/swift@2.27.0
purl pkg:pypi/swift@2.27.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.27.0
25
url pkg:pypi/swift@2.28.0
purl pkg:pypi/swift@2.28.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.28.0
26
url pkg:pypi/swift@2.29.0
purl pkg:pypi/swift@2.29.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.29.0
27
url pkg:pypi/swift@2.29.1
purl pkg:pypi/swift@2.29.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.29.1
28
url pkg:pypi/swift@2.30.0
purl pkg:pypi/swift@2.30.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/swift@2.30.0
29
url pkg:rpm/redhat/openstack-swift@2.23.2-1.20230201163512.eef87ee?arch=el8ost
purl pkg:rpm/redhat/openstack-swift@2.23.2-1.20230201163512.eef87ee?arch=el8ost
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-swift@2.23.2-1.20230201163512.eef87ee%3Farch=el8ost
30
url pkg:rpm/redhat/openstack-swift@2.23.4-2.20220422185313.2829195?arch=el8ost
purl pkg:rpm/redhat/openstack-swift@2.23.4-2.20220422185313.2829195?arch=el8ost
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-swift@2.23.4-2.20220422185313.2829195%3Farch=el8ost
31
url pkg:rpm/redhat/openstack-swift@2.27.1-0.20230201120900.6a1a8ce?arch=el9ost
purl pkg:rpm/redhat/openstack-swift@2.27.1-0.20230201120900.6a1a8ce?arch=el9ost
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-swift@2.27.1-0.20230201120900.6a1a8ce%3Farch=el9ost
32
url pkg:rpm/redhat/openstack-swift-plugin-swift3@1.12.1-1?arch=el7ost
purl pkg:rpm/redhat/openstack-swift-plugin-swift3@1.12.1-1?arch=el7ost
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qsxb-qjb1-mqfd
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-swift-plugin-swift3@1.12.1-1%3Farch=el7ost
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-47950.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-47950.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-47950
reference_id
reference_type
scores
0
value 0.00234
scoring_system epss
scoring_elements 0.46286
published_at 2026-04-21T12:55:00Z
1
value 0.00234
scoring_system epss
scoring_elements 0.46342
published_at 2026-04-18T12:55:00Z
2
value 0.00234
scoring_system epss
scoring_elements 0.46346
published_at 2026-04-16T12:55:00Z
3
value 0.00234
scoring_system epss
scoring_elements 0.46289
published_at 2026-04-13T12:55:00Z
4
value 0.00234
scoring_system epss
scoring_elements 0.4628
published_at 2026-04-12T12:55:00Z
5
value 0.00234
scoring_system epss
scoring_elements 0.46308
published_at 2026-04-11T12:55:00Z
6
value 0.00234
scoring_system epss
scoring_elements 0.46283
published_at 2026-04-08T12:55:00Z
7
value 0.00234
scoring_system epss
scoring_elements 0.46227
published_at 2026-04-07T12:55:00Z
8
value 0.00234
scoring_system epss
scoring_elements 0.46281
published_at 2026-04-04T12:55:00Z
9
value 0.00234
scoring_system epss
scoring_elements 0.46261
published_at 2026-04-02T12:55:00Z
10
value 0.00234
scoring_system epss
scoring_elements 0.46284
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-47950
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47950
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47950
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/openstack/swift
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/swift
5
reference_url https://github.com/openstack/swift/commit/12e54391861e7d182d58f89fb88b027e65842640
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/swift/commit/12e54391861e7d182d58f89fb88b027e65842640
6
reference_url https://github.com/openstack/swift/commit/7d13d1a82e1f5d01205a13184907501b4fcbe2b0
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/swift/commit/7d13d1a82e1f5d01205a13184907501b4fcbe2b0
7
reference_url https://github.com/openstack/swift/commit/8dd96470a859dc7b189404fb67bd3899ae9c617f
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/swift/commit/8dd96470a859dc7b189404fb67bd3899ae9c617f
8
reference_url https://github.com/openstack/swift/commit/b8467e190f6fc67fd8fb6a8c5e32b2aa6a10fd8e
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/swift/commit/b8467e190f6fc67fd8fb6a8c5e32b2aa6a10fd8e
9
reference_url https://github.com/openstack/swift/commit/baa98848451b5c234443a068691e12841a5a8383
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/swift/commit/baa98848451b5c234443a068691e12841a5a8383
10
reference_url https://github.com/openstack/swift/commit/c834e7a53d5a33a3fd13ffd954e6f4f4ee953dfc
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/swift/commit/c834e7a53d5a33a3fd13ffd954e6f4f4ee953dfc
11
reference_url https://github.com/openstack/swift/commit/d8d04ef43c90079d436b2e49617b4425ba39c28e
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/swift/commit/d8d04ef43c90079d436b2e49617b4425ba39c28e
12
reference_url https://github.com/openstack/swift/commit/f10672514217adadfc776d9ea2ffb20a37ce073b
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/swift/commit/f10672514217adadfc776d9ea2ffb20a37ce073b
13
reference_url https://launchpad.net/bugs/1998625
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-04T15:46:54Z/
url https://launchpad.net/bugs/1998625
14
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00021.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-04T15:46:54Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00021.html
15
reference_url https://security.openstack.org/ossa/OSSA-2023-001.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-04T15:46:54Z/
url https://security.openstack.org/ossa/OSSA-2023-001.html
16
reference_url https://www.debian.org/security/2023/dsa-5327
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-04T15:46:54Z/
url https://www.debian.org/security/2023/dsa-5327
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029154
reference_id 1029154
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029154
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2160618
reference_id 2160618
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2160618
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-47950
reference_id CVE-2022-47950
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-47950
20
reference_url https://github.com/advisories/GHSA-274c-rx2j-2v3x
reference_id GHSA-274c-rx2j-2v3x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-274c-rx2j-2v3x
21
reference_url https://access.redhat.com/errata/RHSA-2023:1013
reference_id RHSA-2023:1013
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1013
22
reference_url https://access.redhat.com/errata/RHSA-2023:1277
reference_id RHSA-2023:1277
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1277
23
reference_url https://usn.ubuntu.com/5852-1/
reference_id USN-5852-1
reference_type
scores
url https://usn.ubuntu.com/5852-1/
Weaknesses
0
cwe_id 552
name Files or Directories Accessible to External Parties
description The product makes files or directories accessible to unauthorized actors, even though they should not be.
1
cwe_id 611
name Improper Restriction of XML External Entity Reference
description The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score4.0 - 7.7
Exploitability0.5
Weighted_severity6.9
Risk_score3.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-qsxb-qjb1-mqfd