Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-vzp1-zys5-hybk
Summary An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. Due to the improper filtering of query parameters in the wiki changes page, an attacker can execute arbitrary JavaScript on the self-hosted instances running without strict CSP.
Aliases
0
alias CVE-2022-3573
Fixed_packages
0
url pkg:deb/debian/gitlab@15.10.8%2Bds1-2?distro=sid
purl pkg:deb/debian/gitlab@15.10.8%2Bds1-2?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@15.10.8%252Bds1-2%3Fdistro=sid
1
url pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3573
reference_id
reference_type
scores
0
value 0.00775
scoring_system epss
scoring_elements 0.73562
published_at 2026-04-02T12:55:00Z
1
value 0.00775
scoring_system epss
scoring_elements 0.73558
published_at 2026-04-07T12:55:00Z
2
value 0.00775
scoring_system epss
scoring_elements 0.73594
published_at 2026-04-08T12:55:00Z
3
value 0.00775
scoring_system epss
scoring_elements 0.73607
published_at 2026-04-09T12:55:00Z
4
value 0.00775
scoring_system epss
scoring_elements 0.73629
published_at 2026-04-11T12:55:00Z
5
value 0.00775
scoring_system epss
scoring_elements 0.73611
published_at 2026-04-12T12:55:00Z
6
value 0.00775
scoring_system epss
scoring_elements 0.73602
published_at 2026-04-13T12:55:00Z
7
value 0.00775
scoring_system epss
scoring_elements 0.73646
published_at 2026-04-16T12:55:00Z
8
value 0.00775
scoring_system epss
scoring_elements 0.73655
published_at 2026-04-18T12:55:00Z
9
value 0.00775
scoring_system epss
scoring_elements 0.73585
published_at 2026-04-04T12:55:00Z
10
value 0.01246
scoring_system epss
scoring_elements 0.79355
published_at 2026-04-24T12:55:00Z
11
value 0.01246
scoring_system epss
scoring_elements 0.79322
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3573
1
reference_url https://hackerone.com/reports/1730461
reference_id 1730461
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T15:15:35Z/
url https://hackerone.com/reports/1730461
2
reference_url https://gitlab.com/gitlab-org/gitlab/-/issues/378216
reference_id 378216
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T15:15:35Z/
url https://gitlab.com/gitlab-org/gitlab/-/issues/378216
3
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3573.json
reference_id CVE-2022-3573.json
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T15:15:35Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3573.json
Weaknesses
Exploits
Severity_range_score 5.4 - 5.4
Exploitability null
Weighted_severity null
Risk_score null
Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vzp1-zys5-hybk