VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-rpk4-gxm8-aaab

Essentials
Severities (117)
References (15)
Severity details (26)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-rpk4-gxm8-aaab
Aliases	CVE-2022-24775 GHSA-q7rv-6hp3-vh96
Summary	Improper Input Validation in guzzlehttp/psr7
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-20	Improper Input Validation
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.00187	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00187	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00187	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00187	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00187	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00187	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00187	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00187	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00187	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.0026	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.0026	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.0026	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.0026	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.0026	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.0026	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00303	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00303	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00303	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00303	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00303	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00303	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00419	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00419	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00446	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00446	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00446	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00446	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00446	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00446	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00446	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00446	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00446	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00446	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00446	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00446	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00523	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00558	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00558	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00558	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00709	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00709	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00709	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00709	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00709	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00709	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00709	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00855	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00855	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00855	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00855	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00855	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00855	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.00992	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
epss	0.08533	https://api.first.org/data/v1/epss?cve=CVE-2022-24775
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-q7rv-6hp3-vh96
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-q7rv-6hp3-vh96
cvssv3.1	5.3	https://github.com/guzzle/psr7
generic_textual	MODERATE	https://github.com/guzzle/psr7
cvssv3.1	5.3	https://github.com/guzzle/psr7/pull/485/commits/e55afaa3fc138c89adf3b55a8ba20dc60d17f1f1
cvssv3.1	7.5	https://github.com/guzzle/psr7/pull/485/commits/e55afaa3fc138c89adf3b55a8ba20dc60d17f1f1
generic_textual	MODERATE	https://github.com/guzzle/psr7/pull/485/commits/e55afaa3fc138c89adf3b55a8ba20dc60d17f1f1
ssvc	Track	https://github.com/guzzle/psr7/pull/485/commits/e55afaa3fc138c89adf3b55a8ba20dc60d17f1f1
cvssv3.1	5.3	https://github.com/guzzle/psr7/pull/486/commits/9a96d9db668b485361ed9de7b5bf1e54895df1dc
cvssv3.1	7.5	https://github.com/guzzle/psr7/pull/486/commits/9a96d9db668b485361ed9de7b5bf1e54895df1dc
generic_textual	MODERATE	https://github.com/guzzle/psr7/pull/486/commits/9a96d9db668b485361ed9de7b5bf1e54895df1dc
ssvc	Track	https://github.com/guzzle/psr7/pull/486/commits/9a96d9db668b485361ed9de7b5bf1e54895df1dc
cvssv3.1	5.3	https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96
cvssv3.1	7.5	https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96
cvssv3.1_qr	HIGH	https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96
generic_textual	MODERATE	https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96
ssvc	Track	https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96
cvssv2	5.0	https://nvd.nist.gov/vuln/detail/CVE-2022-24775
cvssv3	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-24775
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-24775
cvssv3.1	5.3	https://www.drupal.org/sa-core-2022-006
cvssv3.1	7.5	https://www.drupal.org/sa-core-2022-006
generic_textual	MODERATE	https://www.drupal.org/sa-core-2022-006
ssvc	Track	https://www.drupal.org/sa-core-2022-006
cvssv3.1	6.5	https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4
generic_textual	MODERATE	https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2022-24775
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24775
		https://github.com/guzzle/psr7
		https://github.com/guzzle/psr7/pull/485/commits/e55afaa3fc138c89adf3b55a8ba20dc60d17f1f1
		https://github.com/guzzle/psr7/pull/486/commits/9a96d9db668b485361ed9de7b5bf1e54895df1dc
		https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96
		https://www.drupal.org/sa-core-2022-006
		https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4
1008236		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008236
cpe:2.3:a:drupal:drupal::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:drupal:drupal::::::::
cpe:2.3:a:guzzlephp:psr-7::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:guzzlephp:psr-7::::::::
CVE-2022-24775		https://nvd.nist.gov/vuln/detail/CVE-2022-24775
CVE-2022-24775.YAML		https://github.com/FriendsOfPHP/security-advisories/blob/master/guzzlehttp/psr7/CVE-2022-24775.yaml
GHSA-q7rv-6hp3-vh96		https://github.com/advisories/GHSA-q7rv-6hp3-vh96
USN-6670-1		https://usn.ubuntu.com/6670-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://github.com/guzzle/psr7

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://github.com/guzzle/psr7/pull/485/commits/e55afaa3fc138c89adf3b55a8ba20dc60d17f1f1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/guzzle/psr7/pull/485/commits/e55afaa3fc138c89adf3b55a8ba20dc60d17f1f1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:31Z/ Found at https://github.com/guzzle/psr7/pull/485/commits/e55afaa3fc138c89adf3b55a8ba20dc60d17f1f1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://github.com/guzzle/psr7/pull/486/commits/9a96d9db668b485361ed9de7b5bf1e54895df1dc

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/guzzle/psr7/pull/486/commits/9a96d9db668b485361ed9de7b5bf1e54895df1dc

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:31Z/ Found at https://github.com/guzzle/psr7/pull/486/commits/9a96d9db668b485361ed9de7b5bf1e54895df1dc

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:31Z/ Found at https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-24775

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-24775

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-24775

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://www.drupal.org/sa-core-2022-006

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://www.drupal.org/sa-core-2022-006

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:56:31Z/ Found at https://www.drupal.org/sa-core-2022-006

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Found at https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.56827
EPSS Score	0.00187
Published At	Nov. 1, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.