CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-35632

The Velociraptor GUI contains an editor suggestion feature that can display the description field of a VQL function, plugin or artifact. This field was not properly sanitized and can lead to cross-site scripting (XSS). This issue was resolved in Velociraptor 0.6.5-2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.7%

CVSS Severity

CVSS v3 Score 4.8

References

Products affected by CVE-2022-35632

Rapid7 » Velociraptor » Version: N/A

cpe:2.3:a:rapid7:velociraptor:-
Rapid7 » Velociraptor » Version: 0.1

cpe:2.3:a:rapid7:velociraptor:0.1
Rapid7 » Velociraptor » Version: 0.2.1

cpe:2.3:a:rapid7:velociraptor:0.2.1
Rapid7 » Velociraptor » Version: 0.2.2

cpe:2.3:a:rapid7:velociraptor:0.2.2
Rapid7 » Velociraptor » Version: 0.2.3

cpe:2.3:a:rapid7:velociraptor:0.2.3
Rapid7 » Velociraptor » Version: 0.2.4

cpe:2.3:a:rapid7:velociraptor:0.2.4
Rapid7 » Velociraptor » Version: 0.2.5

cpe:2.3:a:rapid7:velociraptor:0.2.5
Rapid7 » Velociraptor » Version: 0.2.6

cpe:2.3:a:rapid7:velociraptor:0.2.6
Rapid7 » Velociraptor » Version: 0.2.7

cpe:2.3:a:rapid7:velociraptor:0.2.7
Rapid7 » Velociraptor » Version: 0.2.8

cpe:2.3:a:rapid7:velociraptor:0.2.8
Rapid7 » Velociraptor » Version: 0.2.9

cpe:2.3:a:rapid7:velociraptor:0.2.9
Rapid7 » Velociraptor » Version: 0.3.0

cpe:2.3:a:rapid7:velociraptor:0.3.0
Rapid7 » Velociraptor » Version: 0.3.1

cpe:2.3:a:rapid7:velociraptor:0.3.1
Rapid7 » Velociraptor » Version: 0.3.2

cpe:2.3:a:rapid7:velociraptor:0.3.2
Rapid7 » Velociraptor » Version: 0.3.3

cpe:2.3:a:rapid7:velociraptor:0.3.3
Rapid7 » Velociraptor » Version: 0.3.4

cpe:2.3:a:rapid7:velociraptor:0.3.4
Rapid7 » Velociraptor » Version: 0.3.5

cpe:2.3:a:rapid7:velociraptor:0.3.5
Rapid7 » Velociraptor » Version: 0.3.6

cpe:2.3:a:rapid7:velociraptor:0.3.6
Rapid7 » Velociraptor » Version: 0.3.7

cpe:2.3:a:rapid7:velociraptor:0.3.7
Rapid7 » Velociraptor » Version: 0.3.8

cpe:2.3:a:rapid7:velociraptor:0.3.8
Rapid7 » Velociraptor » Version: 0.3.9

cpe:2.3:a:rapid7:velociraptor:0.3.9
Rapid7 » Velociraptor » Version: 0.4.0

cpe:2.3:a:rapid7:velociraptor:0.4.0
Rapid7 » Velociraptor » Version: 0.4.1

cpe:2.3:a:rapid7:velociraptor:0.4.1
Rapid7 » Velociraptor » Version: 0.4.2

cpe:2.3:a:rapid7:velociraptor:0.4.2
Rapid7 » Velociraptor » Version: 0.4.3

cpe:2.3:a:rapid7:velociraptor:0.4.3
Rapid7 » Velociraptor » Version: 0.4.4

cpe:2.3:a:rapid7:velociraptor:0.4.4
Rapid7 » Velociraptor » Version: 0.4.5

cpe:2.3:a:rapid7:velociraptor:0.4.5
Rapid7 » Velociraptor » Version: 0.4.6

cpe:2.3:a:rapid7:velociraptor:0.4.6
Rapid7 » Velociraptor » Version: 0.4.7

cpe:2.3:a:rapid7:velociraptor:0.4.7
Rapid7 » Velociraptor » Version: 0.4.8

cpe:2.3:a:rapid7:velociraptor:0.4.8
Rapid7 » Velociraptor » Version: 0.4.9

cpe:2.3:a:rapid7:velociraptor:0.4.9
Rapid7 » Velociraptor » Version: 0.5.0

cpe:2.3:a:rapid7:velociraptor:0.5.0
Rapid7 » Velociraptor » Version: 0.5.1

cpe:2.3:a:rapid7:velociraptor:0.5.1
Rapid7 » Velociraptor » Version: 0.5.2

cpe:2.3:a:rapid7:velociraptor:0.5.2
Rapid7 » Velociraptor » Version: 0.5.3

cpe:2.3:a:rapid7:velociraptor:0.5.3
Rapid7 » Velociraptor » Version: 0.5.4

cpe:2.3:a:rapid7:velociraptor:0.5.4
Rapid7 » Velociraptor » Version: 0.5.5

cpe:2.3:a:rapid7:velociraptor:0.5.5
Rapid7 » Velociraptor » Version: 0.5.5-1

cpe:2.3:a:rapid7:velociraptor:0.5.5-1
Rapid7 » Velociraptor » Version: 0.5.6

cpe:2.3:a:rapid7:velociraptor:0.5.6
Rapid7 » Velociraptor » Version: 0.5.7

cpe:2.3:a:rapid7:velociraptor:0.5.7
Rapid7 » Velociraptor » Version: 0.5.8

cpe:2.3:a:rapid7:velociraptor:0.5.8
Rapid7 » Velociraptor » Version: 0.5.9

cpe:2.3:a:rapid7:velociraptor:0.5.9
Rapid7 » Velociraptor » Version: 0.6.0

cpe:2.3:a:rapid7:velociraptor:0.6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-35632

Products

Pricing

Contact Us