VDB
CVE-2022-39383
CVE-2022-39383
PUBLISHED
CVSS 4.900000095367432 MEDIUM
KubeVela VelaUX APIserver has SSRF vulnerability
EPSS 0.21% · 43.0th percentile
Risk Scores
CVSS v3.1
4.900000095367432
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
EPSS Score
0.21%
43.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linuxfoundation | kubevela | 0, 1.6.0 |
| kubevela | kubevela | >= 1.6.0, < 1.6.1, < 1.5.9 |
| github.com | oam-dev/kubevela | 1.6.0-alpha.1, 0 |
Timeline
- Nov 16, 2022 CVE Published
- Nov 17, 2022 EPSS Score
- Dec 30, 2022 EPSS Score
- Feb 10, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 25, 2023 EPSS Score
- May 7, 2023 EPSS Score
- Jun 18, 2023 EPSS Score
- Jul 31, 2023 EPSS Score
- Sep 12, 2023 EPSS Score
- Oct 25, 2023 EPSS Score
- Dec 6, 2023 EPSS Score