Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/943876?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "type": "deb", "namespace": "debian", "name": "zabbix", "version": "1:5.0.44+dfsg-1+deb11u1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1:5.0.45+dfsg-1+deb11u1", "latest_non_vulnerable_version": "1:7.0.22+dfsg-1.1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95100?format=api", "vulnerability_id": "VCID-18fv-tqjq-p3ce", "summary": "An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim. This attack can be implemented with the help of social engineering and expiration of a number of factors - an attacker should have authorized access to the Zabbix Frontend and allowed network connection between a malicious server and victim’s computer, understand attacked infrastructure, be recognized by the victim as a trustee and use trusted communication channel.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43883", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43886", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43904", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43871", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43854", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43878", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43902", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43832", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.74981", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.75005", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.74978", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.74996", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.75048", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.74904", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.74911", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.74902", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.74938", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.74945", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.74948", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.74955", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24349" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943875?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943844?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-172p-q6d5-9ya3" }, { "vulnerability": "VCID-1xr6-n296-cyfd" }, { "vulnerability": "VCID-3g1d-2tvh-akh4" }, { "vulnerability": "VCID-3qru-uxsd-e3c8" }, { "vulnerability": "VCID-464s-8ex9-kqdz" }, { "vulnerability": "VCID-4s92-5es4-yka5" }, { "vulnerability": "VCID-4uxg-fxv7-rua8" }, { "vulnerability": "VCID-547a-p94b-6fep" }, { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-5s7j-6aea-qucr" }, { "vulnerability": "VCID-5t3e-bfve-d3he" }, { "vulnerability": "VCID-673b-qsd3-e3hz" }, { "vulnerability": "VCID-6u3x-x7qt-g3fa" }, { "vulnerability": "VCID-76qf-8jm4-8kct" }, { "vulnerability": "VCID-7bzf-3c9x-8qc4" }, { "vulnerability": "VCID-7f3g-hebk-3qad" }, { "vulnerability": "VCID-7yp1-231f-a3eq" }, { "vulnerability": "VCID-9jfn-6nvg-a3b6" }, { "vulnerability": "VCID-9z8h-gg7t-b7f8" }, { "vulnerability": "VCID-aetr-jrab-6fg5" }, { "vulnerability": "VCID-b8tm-2187-wkhz" }, { "vulnerability": "VCID-batr-txtv-s3cf" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-cuqx-wxkd-nffa" }, { "vulnerability": "VCID-d7uk-h423-77f5" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-ftt2-5jnt-9ye2" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-gp3f-yz9h-eqax" }, { "vulnerability": "VCID-gyqk-zsww-ykdj" }, { "vulnerability": "VCID-kx3g-p2zj-duaj" }, { "vulnerability": "VCID-mhx5-hcg2-wfc4" }, { "vulnerability": "VCID-n5md-76wa-dbaa" }, { "vulnerability": "VCID-nrkb-pzcu-8ueg" }, { "vulnerability": "VCID-nyhx-57xy-wugc" }, { "vulnerability": "VCID-psak-h1x6-1kca" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r65p-6wkq-sfb9" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-ry8x-mjbp-qqct" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-sudd-unuw-wqa9" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" }, { "vulnerability": "VCID-uxdf-6tyd-rucd" }, { "vulnerability": "VCID-vkfp-asar-7bhw" }, { "vulnerability": "VCID-wczj-cv1m-7qce" }, { "vulnerability": "VCID-zc7p-7yts-5yae" }, { "vulnerability": "VCID-zrfp-skzu-cbet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-24349" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-18fv-tqjq-p3ce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95948?format=api", "vulnerability_id": "VCID-1xr6-n296-cyfd", "summary": "The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22119", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62231", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.6214", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62086", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62136", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62195", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62175", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62042", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62074", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62043", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62093", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.6211", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.6213", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.6212", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62099", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62143", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62149", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62133", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62131", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62147", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22119" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22119", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22119" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00020.html", "reference_id": "msg00020.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T14:54:06Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00020.html" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-24070", "reference_id": "ZBX-24070", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T14:54:06Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-24070" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943879?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.24%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.24%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-22119" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1xr6-n296-cyfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95076?format=api", "vulnerability_id": "VCID-2hd4-rbph-5qd8", "summary": "An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76705", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76477", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76506", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76489", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76521", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76532", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76558", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76537", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76573", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76577", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76565", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76598", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76603", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76617", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76605", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76634", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76652", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76638", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76656", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23133" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23133", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23133" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943875?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943844?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-172p-q6d5-9ya3" }, { "vulnerability": "VCID-1xr6-n296-cyfd" }, { "vulnerability": "VCID-3g1d-2tvh-akh4" }, { "vulnerability": "VCID-3qru-uxsd-e3c8" }, { "vulnerability": "VCID-464s-8ex9-kqdz" }, { "vulnerability": "VCID-4s92-5es4-yka5" }, { "vulnerability": "VCID-4uxg-fxv7-rua8" }, { "vulnerability": "VCID-547a-p94b-6fep" }, { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-5s7j-6aea-qucr" }, { "vulnerability": "VCID-5t3e-bfve-d3he" }, { "vulnerability": "VCID-673b-qsd3-e3hz" }, { "vulnerability": "VCID-6u3x-x7qt-g3fa" }, { "vulnerability": "VCID-76qf-8jm4-8kct" }, { "vulnerability": "VCID-7bzf-3c9x-8qc4" }, { "vulnerability": "VCID-7f3g-hebk-3qad" }, { "vulnerability": "VCID-7yp1-231f-a3eq" }, { "vulnerability": "VCID-9jfn-6nvg-a3b6" }, { "vulnerability": "VCID-9z8h-gg7t-b7f8" }, { "vulnerability": "VCID-aetr-jrab-6fg5" }, { "vulnerability": "VCID-b8tm-2187-wkhz" }, { "vulnerability": "VCID-batr-txtv-s3cf" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-cuqx-wxkd-nffa" }, { "vulnerability": "VCID-d7uk-h423-77f5" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-ftt2-5jnt-9ye2" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-gp3f-yz9h-eqax" }, { "vulnerability": "VCID-gyqk-zsww-ykdj" }, { "vulnerability": "VCID-kx3g-p2zj-duaj" }, { "vulnerability": "VCID-mhx5-hcg2-wfc4" }, { "vulnerability": "VCID-n5md-76wa-dbaa" }, { "vulnerability": "VCID-nrkb-pzcu-8ueg" }, { "vulnerability": "VCID-nyhx-57xy-wugc" }, { "vulnerability": "VCID-psak-h1x6-1kca" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r65p-6wkq-sfb9" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-ry8x-mjbp-qqct" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-sudd-unuw-wqa9" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" }, { "vulnerability": "VCID-uxdf-6tyd-rucd" }, { "vulnerability": "VCID-vkfp-asar-7bhw" }, { "vulnerability": "VCID-wczj-cv1m-7qce" }, { "vulnerability": "VCID-zc7p-7yts-5yae" }, { "vulnerability": "VCID-zrfp-skzu-cbet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-23133" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2hd4-rbph-5qd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95949?format=api", "vulnerability_id": "VCID-3qru-uxsd-e3c8", "summary": "Zabbix allows to configure SMS notifications. AT command injection occurs on \"Zabbix Server\" because there is no validation of \"Number\" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22122", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63273", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63231", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63192", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63218", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.6307", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.631", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63064", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63116", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63133", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.6315", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63135", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63113", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63148", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63155", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63136", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63158", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63172", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.6317", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.6318", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22122" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22122" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553", "reference_id": "1078553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25012", "reference_id": "ZBX-25012", "reference_type": "", "scores": [ { "value": "3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T14:46:40Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25012" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943880?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.0%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.0%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-22122" ], "risk_score": 0.8, "exploitability": "0.5", "weighted_severity": "1.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3qru-uxsd-e3c8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95538?format=api", "vulnerability_id": "VCID-464s-8ex9-kqdz", "summary": "A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32721", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72306", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72324", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72301", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.7234", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72352", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72375", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72358", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72346", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72387", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72397", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72384", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72427", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72436", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72432", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72424", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72454", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72479", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72442", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72469", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72526", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32721" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877", "reference_id": "1053877", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943878?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-32721" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-464s-8ex9-kqdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95945?format=api", "vulnerability_id": "VCID-4s92-5es4-yka5", "summary": "User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22114", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38663", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38637", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38651", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38588", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.391", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39122", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.3904", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39096", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39112", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39124", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39087", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39067", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39092", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39004", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38797", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38774", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38687", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38564", "published_at": "2026-05-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22114" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553", "reference_id": "1078553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25015", "reference_id": "ZBX-25015", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T12:39:48Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25015" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943880?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.0%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.0%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-22114" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4s92-5es4-yka5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95543?format=api", "vulnerability_id": "VCID-4uxg-fxv7-rua8", "summary": "An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32727", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64506", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64302", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64459", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64428", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64453", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64331", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64287", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64335", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.6435", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64363", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64351", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64322", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64358", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64369", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.6436", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64381", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64394", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64368", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64413", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32727" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32727", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32727" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-23857", "reference_id": "ZBX-23857", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:37:31Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-23857" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943878?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-32727" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4uxg-fxv7-rua8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95539?format=api", "vulnerability_id": "VCID-547a-p94b-6fep", "summary": "The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32722", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58079", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57972", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.5803", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.5798", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58009", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.5799", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57966", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58022", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58024", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58041", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58019", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57999", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58029", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58028", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58005", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57969", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57985", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57968", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57925", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32722" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877", "reference_id": "1053877", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-23390", "reference_id": "ZBX-23390", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-18T15:26:49Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-23390" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943878?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-32722" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-547a-p94b-6fep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95496?format=api", "vulnerability_id": "VCID-5s7j-6aea-qucr", "summary": "Stored or persistent cross-site scripting (XSS) is a type of XSS where the attacker first sends the payload to the web application, then the application saves the payload (e.g., in a database or server-side text files), and finally, the application unintentionally executes the payload for every victim visiting its web pages.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29454", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70673", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70654", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74208", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.7417", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74217", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74209", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74244", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74253", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74251", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74245", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74273", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74126", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74159", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74174", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74195", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00807", "scoring_system": "epss", "scoring_elements": "0.74177", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00815", "scoring_system": "epss", "scoring_elements": "0.74378", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00815", "scoring_system": "epss", "scoring_elements": "0.74456", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00815", "scoring_system": "epss", "scoring_elements": "0.744", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00815", "scoring_system": "epss", "scoring_elements": "0.74412", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29454" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22985", "reference_id": "ZBX-22985", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T21:06:47Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22985" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943878?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-29454" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5s7j-6aea-qucr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95497?format=api", "vulnerability_id": "VCID-673b-qsd3-e3hz", "summary": "Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off a web application to the victim's browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious scripts.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29455", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00917", "scoring_system": "epss", "scoring_elements": "0.75899", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00917", "scoring_system": "epss", "scoring_elements": "0.75866", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79058", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79082", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79081", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79114", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79121", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79136", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79149", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.7917", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79028", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79052", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79059", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79083", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79068", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79085", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01231", "scoring_system": "epss", "scoring_elements": "0.79301", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01231", "scoring_system": "epss", "scoring_elements": "0.79319", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.01231", "scoring_system": "epss", "scoring_elements": "0.79359", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29455" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29455", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29455" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22986", "reference_id": "ZBX-22986", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T21:06:45Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22986" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943878?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-29455" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-673b-qsd3-e3hz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95493?format=api", "vulnerability_id": "VCID-6u3x-x7qt-g3fa", "summary": "JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles (Admin and Superadmin). Administrative privileges should be typically granted to users who need to perform tasks that require more control over the system. The security risk is limited because not all users have this level of access.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29449", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00755", "scoring_system": "epss", "scoring_elements": "0.73212", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00755", "scoring_system": "epss", "scoring_elements": "0.73191", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75198", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75155", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75136", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75145", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.7498", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75014", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75026", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75047", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75015", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75051", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75059", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75049", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75087", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75092", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75096", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75103", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.7513", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29449" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22589", "reference_id": "ZBX-22589", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T16:25:49Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22589" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943878?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-29449" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6u3x-x7qt-g3fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96118?format=api", "vulnerability_id": "VCID-7bzf-3c9x-8qc4", "summary": "An authenticated user with API access (e.g.: user with default User role), more specifically a user with access to the user.update API endpoint is enough to be able to add themselves to any group (e.g.: Zabbix Administrators), except to groups that are disabled or having restricted GUI access.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36467", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47366", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47425", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47339", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.4736", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47308", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47363", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47384", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47359", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55621", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55574", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55634", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55678", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55729", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55708", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55633", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.5565", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55627", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69898", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69848", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36467" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36467" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689", "reference_id": "1088689", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25614", "reference_id": "ZBX-25614", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-04T04:55:25Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25614" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943887?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.2%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.2%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-36467" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7bzf-3c9x-8qc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96116?format=api", "vulnerability_id": "VCID-7yp1-231f-a3eq", "summary": "The implementation of atob in \"Zabbix JS\" allows to create a string with arbitrary content and use it to access internal properties of objects.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36463", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59457", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.594", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59358", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59385", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59297", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59321", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59286", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59336", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59349", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59368", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59352", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59334", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59367", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59373", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59354", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59332", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59351", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59294", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59343", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36463" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36463", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36463" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25611", "reference_id": "ZBX-25611", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T16:21:34Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25611" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943884?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.3%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.3%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-36463" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7yp1-231f-a3eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95199?format=api", "vulnerability_id": "VCID-8cpy-mqfn-y3f9", "summary": "An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35230", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75454", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75221", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75251", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75229", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75271", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75282", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75302", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.7528", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75269", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75308", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75315", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75306", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75342", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75346", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75349", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75357", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75386", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75411", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.7539", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75398", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35230" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35230" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014994", "reference_id": "1014994", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014994" }, { "reference_url": "https://usn.ubuntu.com/6751-1/", "reference_id": "USN-6751-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6751-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943875?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943844?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-172p-q6d5-9ya3" }, { "vulnerability": "VCID-1xr6-n296-cyfd" }, { "vulnerability": "VCID-3g1d-2tvh-akh4" }, { "vulnerability": "VCID-3qru-uxsd-e3c8" }, { "vulnerability": "VCID-464s-8ex9-kqdz" }, { "vulnerability": "VCID-4s92-5es4-yka5" }, { "vulnerability": "VCID-4uxg-fxv7-rua8" }, { "vulnerability": "VCID-547a-p94b-6fep" }, { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-5s7j-6aea-qucr" }, { "vulnerability": "VCID-5t3e-bfve-d3he" }, { "vulnerability": "VCID-673b-qsd3-e3hz" }, { "vulnerability": "VCID-6u3x-x7qt-g3fa" }, { "vulnerability": "VCID-76qf-8jm4-8kct" }, { "vulnerability": "VCID-7bzf-3c9x-8qc4" }, { "vulnerability": "VCID-7f3g-hebk-3qad" }, { "vulnerability": "VCID-7yp1-231f-a3eq" }, { "vulnerability": "VCID-9jfn-6nvg-a3b6" }, { "vulnerability": "VCID-9z8h-gg7t-b7f8" }, { "vulnerability": "VCID-aetr-jrab-6fg5" }, { "vulnerability": "VCID-b8tm-2187-wkhz" }, { "vulnerability": "VCID-batr-txtv-s3cf" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-cuqx-wxkd-nffa" }, { "vulnerability": "VCID-d7uk-h423-77f5" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-ftt2-5jnt-9ye2" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-gp3f-yz9h-eqax" }, { "vulnerability": "VCID-gyqk-zsww-ykdj" }, { "vulnerability": "VCID-kx3g-p2zj-duaj" }, { "vulnerability": "VCID-mhx5-hcg2-wfc4" }, { "vulnerability": "VCID-n5md-76wa-dbaa" }, { "vulnerability": "VCID-nrkb-pzcu-8ueg" }, { "vulnerability": "VCID-nyhx-57xy-wugc" }, { "vulnerability": "VCID-psak-h1x6-1kca" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r65p-6wkq-sfb9" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-ry8x-mjbp-qqct" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-sudd-unuw-wqa9" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" }, { "vulnerability": "VCID-uxdf-6tyd-rucd" }, { "vulnerability": "VCID-vkfp-asar-7bhw" }, { "vulnerability": "VCID-wczj-cv1m-7qce" }, { "vulnerability": "VCID-zc7p-7yts-5yae" }, { "vulnerability": "VCID-zrfp-skzu-cbet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35230" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8cpy-mqfn-y3f9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95198?format=api", "vulnerability_id": "VCID-9aju-xvg1-n7e5", "summary": "An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35229", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74365", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74152", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74179", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74151", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74184", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74199", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.7422", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74203", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74196", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74233", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74243", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74234", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74269", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74278", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74277", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74271", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74298", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74322", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74285", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74308", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35229" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014992", "reference_id": "1014992", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014992" }, { "reference_url": "https://usn.ubuntu.com/6751-1/", "reference_id": "USN-6751-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6751-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943875?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943844?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-172p-q6d5-9ya3" }, { "vulnerability": "VCID-1xr6-n296-cyfd" }, { "vulnerability": "VCID-3g1d-2tvh-akh4" }, { "vulnerability": "VCID-3qru-uxsd-e3c8" }, { "vulnerability": "VCID-464s-8ex9-kqdz" }, { "vulnerability": "VCID-4s92-5es4-yka5" }, { "vulnerability": "VCID-4uxg-fxv7-rua8" }, { "vulnerability": "VCID-547a-p94b-6fep" }, { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-5s7j-6aea-qucr" }, { "vulnerability": "VCID-5t3e-bfve-d3he" }, { "vulnerability": "VCID-673b-qsd3-e3hz" }, { "vulnerability": "VCID-6u3x-x7qt-g3fa" }, { "vulnerability": "VCID-76qf-8jm4-8kct" }, { "vulnerability": "VCID-7bzf-3c9x-8qc4" }, { "vulnerability": "VCID-7f3g-hebk-3qad" }, { "vulnerability": "VCID-7yp1-231f-a3eq" }, { "vulnerability": "VCID-9jfn-6nvg-a3b6" }, { "vulnerability": "VCID-9z8h-gg7t-b7f8" }, { "vulnerability": "VCID-aetr-jrab-6fg5" }, { "vulnerability": "VCID-b8tm-2187-wkhz" }, { "vulnerability": "VCID-batr-txtv-s3cf" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-cuqx-wxkd-nffa" }, { "vulnerability": "VCID-d7uk-h423-77f5" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-ftt2-5jnt-9ye2" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-gp3f-yz9h-eqax" }, { "vulnerability": "VCID-gyqk-zsww-ykdj" }, { "vulnerability": "VCID-kx3g-p2zj-duaj" }, { "vulnerability": "VCID-mhx5-hcg2-wfc4" }, { "vulnerability": "VCID-n5md-76wa-dbaa" }, { "vulnerability": "VCID-nrkb-pzcu-8ueg" }, { "vulnerability": "VCID-nyhx-57xy-wugc" }, { "vulnerability": "VCID-psak-h1x6-1kca" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r65p-6wkq-sfb9" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-ry8x-mjbp-qqct" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-sudd-unuw-wqa9" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" }, { "vulnerability": "VCID-uxdf-6tyd-rucd" }, { "vulnerability": "VCID-vkfp-asar-7bhw" }, { "vulnerability": "VCID-wczj-cv1m-7qce" }, { "vulnerability": "VCID-zc7p-7yts-5yae" }, { "vulnerability": "VCID-zrfp-skzu-cbet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-35229" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9aju-xvg1-n7e5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95541?format=api", "vulnerability_id": "VCID-9z8h-gg7t-b7f8", "summary": "Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32724", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72648", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72594", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72428", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72446", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72422", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72461", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72496", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72478", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72469", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.7251", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72519", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72509", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72552", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72559", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72557", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.7255", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72579", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72605", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72567", "published_at": "2026-05-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32724" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32724", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32724" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877", "reference_id": "1053877", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-23391", "reference_id": "ZBX-23391", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:43:17Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-23391" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943878?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-32724" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9z8h-gg7t-b7f8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95950?format=api", "vulnerability_id": "VCID-batr-txtv-s3cf", "summary": "Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbix_server will try to communicate with it as modem. As a result, log file will be broken with AT commands and small part for log file content will be leaked to UI.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22123", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60932", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60847", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60852", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60826", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60886", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60848", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60874", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60757", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60786", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60751", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60799", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60815", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60836", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60823", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60804", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61534", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61485", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00413", "scoring_system": "epss", "scoring_elements": "0.61539", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22123" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22123" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553", "reference_id": "1078553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25013", "reference_id": "ZBX-25013", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T14:40:56Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25013" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943880?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.0%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.0%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-22123" ], "risk_score": 0.7, "exploitability": "0.5", "weighted_severity": "1.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-batr-txtv-s3cf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95500?format=api", "vulnerability_id": "VCID-cuqx-wxkd-nffa", "summary": "Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact footprint. When adding too many values in valstack JavaScript will crash. This issue occurs due to bug in Duktape 2.6 which is an 3rd-party solution that we use.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29458", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28309", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28265", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32229", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32199", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32038", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.3191", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.3183", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31681", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31755", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32206", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32254", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32284", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32285", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32247", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32216", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32249", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33193", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33104", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33131", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33211", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29458" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29458", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29458" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22989", "reference_id": "ZBX-22989", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T16:19:37Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22989" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943878?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-29458" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cuqx-wxkd-nffa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95542?format=api", "vulnerability_id": "VCID-d7uk-h423-77f5", "summary": "The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32726", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32521", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33077", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33109", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.3294", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32985", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33016", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33019", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32981", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32956", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32998", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32976", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32939", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32792", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32679", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32596", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32456", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.3252", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.3253", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32433", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32454", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32726" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32726", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32726" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943879?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.24%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.24%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-32726" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d7uk-h423-77f5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95499?format=api", "vulnerability_id": "VCID-ftt2-5jnt-9ye2", "summary": "Reflected XSS attacks, occur when a malicious script is reflected off a web application to the victim's browser. The script can be activated through Action form fields, which can be sent as request to a website with a vulnerability that enables execution of malicious scripts.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29457", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00367", "scoring_system": "epss", "scoring_elements": "0.58661", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00367", "scoring_system": "epss", "scoring_elements": "0.5864", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65592", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65616", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65617", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65516", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65569", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65581", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.656", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65586", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65558", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65594", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65607", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65606", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65591", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0049", "scoring_system": "epss", "scoring_elements": "0.65641", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65922", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65877", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65848", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65867", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29457" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29457", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29457" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22988", "reference_id": "ZBX-22988", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T21:06:43Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22988" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943878?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-29457" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ftt2-5jnt-9ye2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95075?format=api", "vulnerability_id": "VCID-gbn9-b2t2-5fbs", "summary": "During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23132", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.3386", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34448", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34477", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34343", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34386", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34415", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34418", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34379", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34355", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34389", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34375", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34335", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33962", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33943", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33859", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33739", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33808", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33849", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33761", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33784", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23132" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943875?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943844?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-172p-q6d5-9ya3" }, { "vulnerability": "VCID-1xr6-n296-cyfd" }, { "vulnerability": "VCID-3g1d-2tvh-akh4" }, { "vulnerability": "VCID-3qru-uxsd-e3c8" }, { "vulnerability": "VCID-464s-8ex9-kqdz" }, { "vulnerability": "VCID-4s92-5es4-yka5" }, { "vulnerability": "VCID-4uxg-fxv7-rua8" }, { "vulnerability": "VCID-547a-p94b-6fep" }, { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-5s7j-6aea-qucr" }, { "vulnerability": "VCID-5t3e-bfve-d3he" }, { "vulnerability": "VCID-673b-qsd3-e3hz" }, { "vulnerability": "VCID-6u3x-x7qt-g3fa" }, { "vulnerability": "VCID-76qf-8jm4-8kct" }, { "vulnerability": "VCID-7bzf-3c9x-8qc4" }, { "vulnerability": "VCID-7f3g-hebk-3qad" }, { "vulnerability": "VCID-7yp1-231f-a3eq" }, { "vulnerability": "VCID-9jfn-6nvg-a3b6" }, { "vulnerability": "VCID-9z8h-gg7t-b7f8" }, { "vulnerability": "VCID-aetr-jrab-6fg5" }, { "vulnerability": "VCID-b8tm-2187-wkhz" }, { "vulnerability": "VCID-batr-txtv-s3cf" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-cuqx-wxkd-nffa" }, { "vulnerability": "VCID-d7uk-h423-77f5" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-ftt2-5jnt-9ye2" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-gp3f-yz9h-eqax" }, { "vulnerability": "VCID-gyqk-zsww-ykdj" }, { "vulnerability": "VCID-kx3g-p2zj-duaj" }, { "vulnerability": "VCID-mhx5-hcg2-wfc4" }, { "vulnerability": "VCID-n5md-76wa-dbaa" }, { "vulnerability": "VCID-nrkb-pzcu-8ueg" }, { "vulnerability": "VCID-nyhx-57xy-wugc" }, { "vulnerability": "VCID-psak-h1x6-1kca" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r65p-6wkq-sfb9" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-ry8x-mjbp-qqct" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-sudd-unuw-wqa9" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" }, { "vulnerability": "VCID-uxdf-6tyd-rucd" }, { "vulnerability": "VCID-vkfp-asar-7bhw" }, { "vulnerability": "VCID-wczj-cv1m-7qce" }, { "vulnerability": "VCID-zc7p-7yts-5yae" }, { "vulnerability": "VCID-zrfp-skzu-cbet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-23132" ], "risk_score": 0.8, "exploitability": "0.5", "weighted_severity": "1.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gbn9-b2t2-5fbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96114?format=api", "vulnerability_id": "VCID-gp3f-yz9h-eqax", "summary": "The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords are displayed in plain text.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36460", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63621", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63579", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63544", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.6357", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63426", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63453", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63418", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.6347", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63487", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63504", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63488", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63454", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63495", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.6348", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63499", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63513", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63508", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63482", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63527", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36460" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553", "reference_id": "1078553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25017", "reference_id": "ZBX-25017", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:04:09Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25017" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943883?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-36460" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gp3f-yz9h-eqax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95498?format=api", "vulnerability_id": "VCID-kx3g-p2zj-duaj", "summary": "URL validation scheme receives input from a user and then parses it to identify its various components. The validation scheme can ensure that all URL components comply with internet standards.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29456", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31519", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31478", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36055", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36016", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36041", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35989", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35762", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.3573", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35643", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35529", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.356", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36006", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36056", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36074", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36081", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36042", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.35704", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.35792", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.35727", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.35795", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29456" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22987", "reference_id": "ZBX-22987", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T16:19:48Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22987" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943878?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-29456" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kx3g-p2zj-duaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95102?format=api", "vulnerability_id": "VCID-mggj-rvdd-eqc6", "summary": "An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24917", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53434", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53429", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53478", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53462", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53445", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53387", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53413", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53382", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75514", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75539", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75518", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75526", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75581", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75438", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75444", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75433", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75468", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75472", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75477", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75485", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24917" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24917" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943875?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943844?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-172p-q6d5-9ya3" }, { "vulnerability": "VCID-1xr6-n296-cyfd" }, { "vulnerability": "VCID-3g1d-2tvh-akh4" }, { "vulnerability": "VCID-3qru-uxsd-e3c8" }, { "vulnerability": "VCID-464s-8ex9-kqdz" }, { "vulnerability": "VCID-4s92-5es4-yka5" }, { "vulnerability": "VCID-4uxg-fxv7-rua8" }, { "vulnerability": "VCID-547a-p94b-6fep" }, { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-5s7j-6aea-qucr" }, { "vulnerability": "VCID-5t3e-bfve-d3he" }, { "vulnerability": "VCID-673b-qsd3-e3hz" }, { "vulnerability": "VCID-6u3x-x7qt-g3fa" }, { "vulnerability": "VCID-76qf-8jm4-8kct" }, { "vulnerability": "VCID-7bzf-3c9x-8qc4" }, { "vulnerability": "VCID-7f3g-hebk-3qad" }, { "vulnerability": "VCID-7yp1-231f-a3eq" }, { "vulnerability": "VCID-9jfn-6nvg-a3b6" }, { "vulnerability": "VCID-9z8h-gg7t-b7f8" }, { "vulnerability": "VCID-aetr-jrab-6fg5" }, { "vulnerability": "VCID-b8tm-2187-wkhz" }, { "vulnerability": "VCID-batr-txtv-s3cf" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-cuqx-wxkd-nffa" }, { "vulnerability": "VCID-d7uk-h423-77f5" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-ftt2-5jnt-9ye2" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-gp3f-yz9h-eqax" }, { "vulnerability": "VCID-gyqk-zsww-ykdj" }, { "vulnerability": "VCID-kx3g-p2zj-duaj" }, { "vulnerability": "VCID-mhx5-hcg2-wfc4" }, { "vulnerability": "VCID-n5md-76wa-dbaa" }, { "vulnerability": "VCID-nrkb-pzcu-8ueg" }, { "vulnerability": "VCID-nyhx-57xy-wugc" }, { "vulnerability": "VCID-psak-h1x6-1kca" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r65p-6wkq-sfb9" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-ry8x-mjbp-qqct" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-sudd-unuw-wqa9" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" }, { "vulnerability": "VCID-uxdf-6tyd-rucd" }, { "vulnerability": "VCID-vkfp-asar-7bhw" }, { "vulnerability": "VCID-wczj-cv1m-7qce" }, { "vulnerability": "VCID-zc7p-7yts-5yae" }, { "vulnerability": "VCID-zrfp-skzu-cbet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-24917" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mggj-rvdd-eqc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96115?format=api", "vulnerability_id": "VCID-nrkb-pzcu-8ueg", "summary": "Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36461", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72755", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72714", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72677", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72703", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72536", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72553", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.7253", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72568", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.7258", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72604", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72587", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72576", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72618", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72629", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.7262", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72662", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72671", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72667", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72659", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.7269", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36461" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36461", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36461" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553", "reference_id": "1078553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25018", "reference_id": "ZBX-25018", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T15:21:52Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25018" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943883?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.1%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.1%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-36461" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nrkb-pzcu-8ueg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95104?format=api", "vulnerability_id": "VCID-qhxc-w75p-kqaj", "summary": "An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53434", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53429", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53478", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53462", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53445", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53387", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53413", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53382", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75514", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75539", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75518", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75526", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75581", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75438", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75444", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75433", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75468", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75472", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75477", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75485", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24919" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943875?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943844?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-172p-q6d5-9ya3" }, { "vulnerability": "VCID-1xr6-n296-cyfd" }, { "vulnerability": "VCID-3g1d-2tvh-akh4" }, { "vulnerability": "VCID-3qru-uxsd-e3c8" }, { "vulnerability": "VCID-464s-8ex9-kqdz" }, { "vulnerability": "VCID-4s92-5es4-yka5" }, { "vulnerability": "VCID-4uxg-fxv7-rua8" }, { "vulnerability": "VCID-547a-p94b-6fep" }, { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-5s7j-6aea-qucr" }, { "vulnerability": "VCID-5t3e-bfve-d3he" }, { "vulnerability": "VCID-673b-qsd3-e3hz" }, { "vulnerability": "VCID-6u3x-x7qt-g3fa" }, { "vulnerability": "VCID-76qf-8jm4-8kct" }, { "vulnerability": "VCID-7bzf-3c9x-8qc4" }, { "vulnerability": "VCID-7f3g-hebk-3qad" }, { "vulnerability": "VCID-7yp1-231f-a3eq" }, { "vulnerability": "VCID-9jfn-6nvg-a3b6" }, { "vulnerability": "VCID-9z8h-gg7t-b7f8" }, { "vulnerability": "VCID-aetr-jrab-6fg5" }, { "vulnerability": "VCID-b8tm-2187-wkhz" }, { "vulnerability": "VCID-batr-txtv-s3cf" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-cuqx-wxkd-nffa" }, { "vulnerability": "VCID-d7uk-h423-77f5" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-ftt2-5jnt-9ye2" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-gp3f-yz9h-eqax" }, { "vulnerability": "VCID-gyqk-zsww-ykdj" }, { "vulnerability": "VCID-kx3g-p2zj-duaj" }, { "vulnerability": "VCID-mhx5-hcg2-wfc4" }, { "vulnerability": "VCID-n5md-76wa-dbaa" }, { "vulnerability": "VCID-nrkb-pzcu-8ueg" }, { "vulnerability": "VCID-nyhx-57xy-wugc" }, { "vulnerability": "VCID-psak-h1x6-1kca" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r65p-6wkq-sfb9" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-ry8x-mjbp-qqct" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-sudd-unuw-wqa9" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" }, { "vulnerability": "VCID-uxdf-6tyd-rucd" }, { "vulnerability": "VCID-vkfp-asar-7bhw" }, { "vulnerability": "VCID-wczj-cv1m-7qce" }, { "vulnerability": "VCID-zc7p-7yts-5yae" }, { "vulnerability": "VCID-zrfp-skzu-cbet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-24919" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qhxc-w75p-kqaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95494?format=api", "vulnerability_id": "VCID-r65p-6wkq-sfb9", "summary": "JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user \"zabbix\") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48662", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48684", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.5228", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52339", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52376", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52321", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52374", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52369", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52419", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52403", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52389", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52428", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52366", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52434", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52331", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54134", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54081", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54039", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54065", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29450" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22588", "reference_id": "ZBX-22588", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:54Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22588" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943878?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-29450" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r65p-6wkq-sfb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95103?format=api", "vulnerability_id": "VCID-uu3f-3rbn-9fad", "summary": "An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76789", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76569", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76598", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76578", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.7661", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76621", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76647", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76627", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76617", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76659", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76663", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76651", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76682", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76689", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76701", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.7672", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76738", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76725", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76742", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24918" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943875?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943844?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-172p-q6d5-9ya3" }, { "vulnerability": "VCID-1xr6-n296-cyfd" }, { "vulnerability": "VCID-3g1d-2tvh-akh4" }, { "vulnerability": "VCID-3qru-uxsd-e3c8" }, { "vulnerability": "VCID-464s-8ex9-kqdz" }, { "vulnerability": "VCID-4s92-5es4-yka5" }, { "vulnerability": "VCID-4uxg-fxv7-rua8" }, { "vulnerability": "VCID-547a-p94b-6fep" }, { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-5s7j-6aea-qucr" }, { "vulnerability": "VCID-5t3e-bfve-d3he" }, { "vulnerability": "VCID-673b-qsd3-e3hz" }, { "vulnerability": "VCID-6u3x-x7qt-g3fa" }, { "vulnerability": "VCID-76qf-8jm4-8kct" }, { "vulnerability": "VCID-7bzf-3c9x-8qc4" }, { "vulnerability": "VCID-7f3g-hebk-3qad" }, { "vulnerability": "VCID-7yp1-231f-a3eq" }, { "vulnerability": "VCID-9jfn-6nvg-a3b6" }, { "vulnerability": "VCID-9z8h-gg7t-b7f8" }, { "vulnerability": "VCID-aetr-jrab-6fg5" }, { "vulnerability": "VCID-b8tm-2187-wkhz" }, { "vulnerability": "VCID-batr-txtv-s3cf" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-cuqx-wxkd-nffa" }, { "vulnerability": "VCID-d7uk-h423-77f5" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-ftt2-5jnt-9ye2" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-gp3f-yz9h-eqax" }, { "vulnerability": "VCID-gyqk-zsww-ykdj" }, { "vulnerability": "VCID-kx3g-p2zj-duaj" }, { "vulnerability": "VCID-mhx5-hcg2-wfc4" }, { "vulnerability": "VCID-n5md-76wa-dbaa" }, { "vulnerability": "VCID-nrkb-pzcu-8ueg" }, { "vulnerability": "VCID-nyhx-57xy-wugc" }, { "vulnerability": "VCID-psak-h1x6-1kca" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r65p-6wkq-sfb9" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-ry8x-mjbp-qqct" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-sudd-unuw-wqa9" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" }, { "vulnerability": "VCID-uxdf-6tyd-rucd" }, { "vulnerability": "VCID-vkfp-asar-7bhw" }, { "vulnerability": "VCID-wczj-cv1m-7qce" }, { "vulnerability": "VCID-zc7p-7yts-5yae" }, { "vulnerability": "VCID-zrfp-skzu-cbet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-24918" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uu3f-3rbn-9fad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95946?format=api", "vulnerability_id": "VCID-wczj-cv1m-7qce", "summary": "An administrator with restricted permissions can exploit the script execution functionality within the Monitoring Hosts section. The lack of default escaping for script parameters enabled this user ability to execute arbitrary code via the Ping script, thereby compromising infrastructure.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22116", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.66016", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65971", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65941", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65961", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65815", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65845", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65811", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65863", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65875", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65894", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65881", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65851", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65886", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65901", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65889", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65899", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.6591", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65908", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65882", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.65928", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22116" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553", "reference_id": "1078553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25016", "reference_id": "ZBX-25016", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-04T04:55:28Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25016" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943880?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.0%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.0%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-22116" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wczj-cv1m-7qce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95292?format=api", "vulnerability_id": "VCID-wfae-uyd7-ybc3", "summary": "Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained and possible sensitive data will be prevented from being disclosed. An attacker can bypass this protection and access the instance using IP address not listed in the defined range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43515", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31727", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31813", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31684", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.3172", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.3176", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31757", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31857", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31676", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38656", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38557", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38631", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38644", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38558", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38582", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39728", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39644", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39465", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39451", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39369", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39757", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43515" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026847", "reference_id": "1026847", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026847" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22050", "reference_id": "ZBX-22050", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T17:57:56Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22050" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943877?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.13%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.13%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943844?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-172p-q6d5-9ya3" }, { "vulnerability": "VCID-1xr6-n296-cyfd" }, { "vulnerability": "VCID-3g1d-2tvh-akh4" }, { "vulnerability": "VCID-3qru-uxsd-e3c8" }, { "vulnerability": "VCID-464s-8ex9-kqdz" }, { "vulnerability": "VCID-4s92-5es4-yka5" }, { "vulnerability": "VCID-4uxg-fxv7-rua8" }, { "vulnerability": "VCID-547a-p94b-6fep" }, { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-5s7j-6aea-qucr" }, { "vulnerability": "VCID-5t3e-bfve-d3he" }, { "vulnerability": "VCID-673b-qsd3-e3hz" }, { "vulnerability": "VCID-6u3x-x7qt-g3fa" }, { "vulnerability": "VCID-76qf-8jm4-8kct" }, { "vulnerability": "VCID-7bzf-3c9x-8qc4" }, { "vulnerability": "VCID-7f3g-hebk-3qad" }, { "vulnerability": "VCID-7yp1-231f-a3eq" }, { "vulnerability": "VCID-9jfn-6nvg-a3b6" }, { "vulnerability": "VCID-9z8h-gg7t-b7f8" }, { "vulnerability": "VCID-aetr-jrab-6fg5" }, { "vulnerability": "VCID-b8tm-2187-wkhz" }, { "vulnerability": "VCID-batr-txtv-s3cf" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-cuqx-wxkd-nffa" }, { "vulnerability": "VCID-d7uk-h423-77f5" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-ftt2-5jnt-9ye2" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-gp3f-yz9h-eqax" }, { "vulnerability": "VCID-gyqk-zsww-ykdj" }, { "vulnerability": "VCID-kx3g-p2zj-duaj" }, { "vulnerability": "VCID-mhx5-hcg2-wfc4" }, { "vulnerability": "VCID-n5md-76wa-dbaa" }, { "vulnerability": "VCID-nrkb-pzcu-8ueg" }, { "vulnerability": "VCID-nyhx-57xy-wugc" }, { "vulnerability": "VCID-psak-h1x6-1kca" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r65p-6wkq-sfb9" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-ry8x-mjbp-qqct" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-sudd-unuw-wqa9" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" }, { "vulnerability": "VCID-uxdf-6tyd-rucd" }, { "vulnerability": "VCID-vkfp-asar-7bhw" }, { "vulnerability": "VCID-wczj-cv1m-7qce" }, { "vulnerability": "VCID-zc7p-7yts-5yae" }, { "vulnerability": "VCID-zrfp-skzu-cbet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-43515" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wfae-uyd7-ybc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95947?format=api", "vulnerability_id": "VCID-zrfp-skzu-cbet", "summary": "When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding sysmapelementurlid + 1. This action prevents others from adding URLs to the map element.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22117", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17756", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1768", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1764", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17676", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1797", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18024", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17723", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17811", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17871", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17887", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17844", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17795", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1774", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1775", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17788", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17698", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17675", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1763", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17488", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17581", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22117" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22117" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25610", "reference_id": "ZBX-25610", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T15:03:28Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25610" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943846?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5nmy-hdh8-xbg1" }, { "vulnerability": "VCID-cdyd-79m9-pyhv" }, { "vulnerability": "VCID-dej6-dxbp-a3bt" }, { "vulnerability": "VCID-fxqr-51kp-3ber" }, { "vulnerability": "VCID-qzp5-px2f-vqc8" }, { "vulnerability": "VCID-qzzk-mcfu-sfhv" }, { "vulnerability": "VCID-r8yr-aet5-yydn" }, { "vulnerability": "VCID-s1mb-1gsj-pbed" }, { "vulnerability": "VCID-uh37-bv9z-1bdz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943876?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.44%2Bdfsg-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943881?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943848?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943847?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1103100?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-22117" ], "risk_score": 0.7, "exploitability": "0.5", "weighted_severity": "1.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zrfp-skzu-cbet" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.44%252Bdfsg-1%252Bdeb11u1%3Fdistro=trixie" }