System	Score	Found at
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-35950
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-35950
epss	0.00078	https://api.first.org/data/v1/epss?cve=CVE-2022-35950
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-2jc6-3fhj-8q84
cvssv3.1	4.8	https://github.com/oroinc/orocommerce
generic_textual	MODERATE	https://github.com/oroinc/orocommerce
cvssv3.1	4.8	https://github.com/oroinc/orocommerce/security/advisories/GHSA-2jc6-3fhj-8q84
cvssv3.1	6.9	https://github.com/oroinc/orocommerce/security/advisories/GHSA-2jc6-3fhj-8q84
cvssv3.1_qr	MODERATE	https://github.com/oroinc/orocommerce/security/advisories/GHSA-2jc6-3fhj-8q84
generic_textual	MODERATE	https://github.com/oroinc/orocommerce/security/advisories/GHSA-2jc6-3fhj-8q84
ssvc	Track	https://github.com/oroinc/orocommerce/security/advisories/GHSA-2jc6-3fhj-8q84
cvssv3.1	4.8	https://nvd.nist.gov/vuln/detail/CVE-2022-35950
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2022-35950

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2022-35950
		https://github.com/oroinc/orocommerce
		https://nvd.nist.gov/vuln/detail/CVE-2022-35950
GHSA-2jc6-3fhj-8q84		https://github.com/advisories/GHSA-2jc6-3fhj-8q84
GHSA-2jc6-3fhj-8q84		https://github.com/oroinc/orocommerce/security/advisories/GHSA-2jc6-3fhj-8q84

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N Found at https://github.com/oroinc/orocommerce

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N Found at https://github.com/oroinc/orocommerce/security/advisories/GHSA-2jc6-3fhj-8q84

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N Found at https://github.com/oroinc/orocommerce/security/advisories/GHSA-2jc6-3fhj-8q84

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

---

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T13:15:26Z/ Found at https://github.com/oroinc/orocommerce/security/advisories/GHSA-2jc6-3fhj-8q84

---

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-35950

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Percentile	0.23386
EPSS Score	0.00078
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-11T17:38:26.248369+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2022/35xxx/CVE-2022-35950.json	38.6.0