{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T12:23:19.100","vulnerabilities":[{"cve":{"id":"CVE-2022-32169","sourceIdentifier":"vulnerabilitylab@mend.io","published":"2022-09-28T10:15:09.653","lastModified":"2025-05-21T14:15:24.703","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The “Bytebase” application does not restrict low privilege user to access “admin issues“ for which an unauthorized user can view the “OPEN” and “CLOSED” issues by “Admin” and the affected endpoint is “/issue”."},{"lang":"es","value":"La aplicación \"Bytebase\" no restringe a usuarios poco privilegiados el acceso a \"admin issues\" para las que un usuario no autorizado puede ver las incidencias \"OPEN\" y \"CLOSE\" por \"Admin\" y el endpoint afectado es \"/issue\""}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"vulnerabilitylab@mend.io","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bytebase:bytebase:*:*:*:*:*:*:*:*","versionStartIncluding":"0.1.0","versionEndIncluding":"1.0.4","matchCriteriaId":"58D2B448-3301-48A8-8796-C8FDA52268A6"}]}]}],"references":[{"url":"https://github.com/bytebase/bytebase/blob/1.0.4/frontend/src/store/modules/issue.ts#L108-L187","source":"vulnerabilitylab@mend.io"},{"url":"https://www.mend.io/vulnerability-database/CVE-2022-32169","source":"vulnerabilitylab@mend.io","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/bytebase/bytebase/blob/1.0.4/frontend/src/store/modules/issue.ts#L108-L187","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.mend.io/vulnerability-database/CVE-2022-32169","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}