Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-9w1e-3snv-ubfc
Summaryenvoy: oauth filter calls continueDecoding() from within decodeHeaders()
Aliases
0
alias CVE-2022-29228
Fixed_packages
Affected_packages
0
url pkg:rpm/redhat/servicemesh-proxy@2.1.3-1?arch=el8
purl pkg:rpm/redhat/servicemesh-proxy@2.1.3-1?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4pue-fbre-zfcf
1
vulnerability VCID-835d-4cep-d3ff
2
vulnerability VCID-994q-6khu-yfdq
3
vulnerability VCID-9w1e-3snv-ubfc
4
vulnerability VCID-k5er-ea7w-fuez
5
vulnerability VCID-wsn2-ar56-kfcp
6
vulnerability VCID-z5x6-xqtc-q3at
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/servicemesh-proxy@2.1.3-1%3Farch=el8
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29228.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29228.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-29228
reference_id
reference_type
scores
0
value 0.00429
scoring_system epss
scoring_elements 0.62428
published_at 2026-04-02T12:55:00Z
1
value 0.00429
scoring_system epss
scoring_elements 0.62536
published_at 2026-04-26T12:55:00Z
2
value 0.00429
scoring_system epss
scoring_elements 0.62521
published_at 2026-04-16T12:55:00Z
3
value 0.00429
scoring_system epss
scoring_elements 0.62527
published_at 2026-04-18T12:55:00Z
4
value 0.00429
scoring_system epss
scoring_elements 0.6251
published_at 2026-04-21T12:55:00Z
5
value 0.00429
scoring_system epss
scoring_elements 0.6252
published_at 2026-04-24T12:55:00Z
6
value 0.00429
scoring_system epss
scoring_elements 0.62459
published_at 2026-04-04T12:55:00Z
7
value 0.00429
scoring_system epss
scoring_elements 0.62426
published_at 2026-04-07T12:55:00Z
8
value 0.00429
scoring_system epss
scoring_elements 0.62477
published_at 2026-04-08T12:55:00Z
9
value 0.00429
scoring_system epss
scoring_elements 0.62493
published_at 2026-04-09T12:55:00Z
10
value 0.00429
scoring_system epss
scoring_elements 0.62512
published_at 2026-04-11T12:55:00Z
11
value 0.00429
scoring_system epss
scoring_elements 0.62501
published_at 2026-04-12T12:55:00Z
12
value 0.00429
scoring_system epss
scoring_elements 0.62478
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-29228
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2088740
reference_id 2088740
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2088740
3
reference_url https://github.com/envoyproxy/envoy/commit/7ffda4e809dec74449ebc330cebb9d2f4ab61360
reference_id 7ffda4e809dec74449ebc330cebb9d2f4ab61360
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:54:25Z/
url https://github.com/envoyproxy/envoy/commit/7ffda4e809dec74449ebc330cebb9d2f4ab61360
4
reference_url https://github.com/envoyproxy/envoy/security/advisories/GHSA-rww6-8h7g-8jf6
reference_id GHSA-rww6-8h7g-8jf6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:54:25Z/
url https://github.com/envoyproxy/envoy/security/advisories/GHSA-rww6-8h7g-8jf6
5
reference_url https://access.redhat.com/errata/RHSA-2022:5004
reference_id RHSA-2022:5004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5004
Weaknesses
0
cwe_id 617
name Reachable Assertion
description The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
Exploits
Severity_range_score7.5 - 7.5
Exploitability0.5
Weighted_severity6.8
Risk_score3.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-9w1e-3snv-ubfc