Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-7vc9-wfjb-t3ba

Summary ZoneMinder is a free, open source Closed-circuit television software application The file parameter is vulnerable to a cross site scripting vulnerability (XSS) by backing out of the current "tr" "td" brackets. This then allows a malicious user to provide code that will execute when a user views the specific log on the "view=log" page. This vulnerability allows an attacker to store code within the logs that will be executed when loaded by a legitimate user. These actions will be performed with the permission of the victim. This could lead to data loss and/or further exploitation including account takeover. This issue has been addressed in versions `1.36.27` and `1.37.24`. Users are advised to upgrade. Users unable to upgrade should disable database logging.

Aliases

alias	CVE-2022-39285

Fixed_packages

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armhf&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86_64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=riscv64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=riscv64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=riscv64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armv7&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86_64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armhf&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86_64&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=s390x&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86_64&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=loongarch64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=loongarch64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86_64&distroversion=edge&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armv7&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=riscv64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=s390x&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=aarch64&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armhf&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armv7&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=ppc64le&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=s390x&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=aarch64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armhf&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armv7&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=s390x&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86_64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=aarch64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armhf&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armv7&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=s390x&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86_64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86_64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=aarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armhf&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armv7&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=loongarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=loongarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=s390x&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=aarch64&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armv7&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=ppc64le&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=s390x&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=aarch64&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armhf&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=ppc64le&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=aarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=edge&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armhf&distroversion=edge&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=edge&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=armv7&distroversion=edge&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=loongarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=loongarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=edge&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=ppc64le&distroversion=edge&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=riscv64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=riscv64&distroversion=edge&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=edge&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=s390x&distroversion=edge&reponame=community

url	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/zoneminder@1.36.31-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.31-r0%3Farch=x86&distroversion=edge&reponame=community

url	pkg:deb/debian/zoneminder@1.36.31%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.31%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.31%252Bdfsg1-1%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1

purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-mdkd-vmcp-afa8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1

url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-mdkd-vmcp-afa8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-4qtk-7myx-vfcd

vulnerability	VCID-7vc9-wfjb-t3ba

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-95ub-6q5w-p3cm

vulnerability	VCID-9kh5-715y-pud4

vulnerability	VCID-d117-rhnc-rkhf

vulnerability	VCID-fyy1-fwys-xkbj

vulnerability	VCID-j283-1m9p-13hn

vulnerability	VCID-jukn-h868-5ugm

vulnerability	VCID-kk5d-y2z8-r3g2

vulnerability	VCID-mdkd-vmcp-afa8

vulnerability	VCID-mk5h-586t-pyga

vulnerability	VCID-n8y3-5fb9-kucb

vulnerability	VCID-tyu6-8h17-8yh5

vulnerability	VCID-uybk-r4q9-gyac

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.34.23-1

purl pkg:deb/debian/zoneminder@1.34.23-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-4qtk-7myx-vfcd

vulnerability	VCID-7vc9-wfjb-t3ba

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-95ub-6q5w-p3cm

vulnerability	VCID-9kh5-715y-pud4

vulnerability	VCID-d117-rhnc-rkhf

vulnerability	VCID-fyy1-fwys-xkbj

vulnerability	VCID-j283-1m9p-13hn

vulnerability	VCID-jukn-h868-5ugm

vulnerability	VCID-kk5d-y2z8-r3g2

vulnerability	VCID-mdkd-vmcp-afa8

vulnerability	VCID-mk5h-586t-pyga

vulnerability	VCID-n8y3-5fb9-kucb

vulnerability	VCID-tyu6-8h17-8yh5

vulnerability	VCID-uybk-r4q9-gyac

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-39285

reference_id

reference_type

scores

value	0.01852
scoring_system	epss
scoring_elements	0.83047
published_at	2026-04-21T12:55:00Z

value	0.01852
scoring_system	epss
scoring_elements	0.83017
published_at	2026-04-11T12:55:00Z

value	0.01852
scoring_system	epss
scoring_elements	0.83011
published_at	2026-04-12T12:55:00Z

value	0.01852
scoring_system	epss
scoring_elements	0.83006
published_at	2026-04-13T12:55:00Z

value	0.01852
scoring_system	epss
scoring_elements	0.83045
published_at	2026-04-16T12:55:00Z

value	0.01852
scoring_system	epss
scoring_elements	0.83044
published_at	2026-04-18T12:55:00Z

value	0.01852
scoring_system	epss
scoring_elements	0.82959
published_at	2026-04-02T12:55:00Z

value	0.01852
scoring_system	epss
scoring_elements	0.82972
published_at	2026-04-04T12:55:00Z

value	0.01852
scoring_system	epss
scoring_elements	0.82969
published_at	2026-04-07T12:55:00Z

value	0.01852
scoring_system	epss
scoring_elements	0.82994
published_at	2026-04-08T12:55:00Z

value	0.01852
scoring_system	epss
scoring_elements	0.83001
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-39285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39285
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39285

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021565
reference_id	1021565
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021565

reference_url

https://github.com/ZoneMinder/zoneminder/commit/c0a4c05e84eea0f6ccf7169c014efe5422c9ba0d

reference_id

c0a4c05e84eea0f6ccf7169c014efe5422c9ba0d

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:43:49Z/

url

https://github.com/ZoneMinder/zoneminder/commit/c0a4c05e84eea0f6ccf7169c014efe5422c9ba0d

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/51071.py
reference_id	CVE-2022-39291;CVE-2022-39290;CVE-2022-39285
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/51071.py

reference_url

https://github.com/ZoneMinder/zoneminder/commit/d289eb48601a76e34feea3c1683955337b1fae59

reference_id

d289eb48601a76e34feea3c1683955337b1fae59

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:43:49Z/

url

https://github.com/ZoneMinder/zoneminder/commit/d289eb48601a76e34feea3c1683955337b1fae59

reference_url

https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-h6xp-cvwv-q433

reference_id

GHSA-h6xp-cvwv-q433

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:43:49Z/

url

https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-h6xp-cvwv-q433

reference_url

http://packetstormsecurity.com/files/171498/Zoneminder-Log-Injection-XSS-Cross-Site-Request-Forgery.html

reference_id

Zoneminder-Log-Injection-XSS-Cross-Site-Request-Forgery.html

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:43:49Z/

url

http://packetstormsecurity.com/files/171498/Zoneminder-Log-Injection-XSS-Cross-Site-Request-Forgery.html

Weaknesses

cwe_id	79
name	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
description	The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Exploits

date_added	2023-03-27
description	Zoneminder < v1.37.24 - Log Injection & Stored XSS & CSRF Bypass
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2023-03-27
exploit_type	webapps
platform	php
source_date_updated	2023-06-19
data_source	Exploit-DB
source_url

Severity_range_score 7.6 - 7.6

Exploitability 2.0

Weighted_severity 6.8

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7vc9-wfjb-t3ba

Vulnerability Instance