Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/2151?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/2151?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.3.3-2", "type": "alpm", "namespace": "archlinux", "name": "gitlab", "version": "14.3.3-2", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "14.5.2-1", "latest_non_vulnerable_version": "15.2.1-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5058?format=api", "vulnerability_id": "VCID-46d5-45c4-qbhc", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39914" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-46d5-45c4-qbhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5070?format=api", "vulnerability_id": "VCID-4pn7-4pta-3fez", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39898" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4pn7-4pta-3fez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5059?format=api", "vulnerability_id": "VCID-5yds-teen-3kck", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39913" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5yds-teen-3kck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5064?format=api", "vulnerability_id": "VCID-84hw-3sxd-qkgn", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39906" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-84hw-3sxd-qkgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5066?format=api", "vulnerability_id": "VCID-9765-ruhw-qkcj", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39904" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9765-ruhw-qkcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5062?format=api", "vulnerability_id": "VCID-9rgj-67cw-uucx", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39909" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9rgj-67cw-uucx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5067?format=api", "vulnerability_id": "VCID-aske-xgz8-kkgf", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39903" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aske-xgz8-kkgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5072?format=api", "vulnerability_id": "VCID-ewq1-5r9p-nqgp", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39895" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ewq1-5r9p-nqgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5061?format=api", "vulnerability_id": "VCID-j66h-g1vz-mkcx", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39911" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j66h-g1vz-mkcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5071?format=api", "vulnerability_id": "VCID-jfec-zcgt-ukhw", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39897" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jfec-zcgt-ukhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3349?format=api", "vulnerability_id": "VCID-qe2s-6tzh-cqfv", "summary": "open redirect", "references": [ { "reference_url": "https://groups.google.com/g/rubyonrails-security/c/wB5tRn7h36c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/g/rubyonrails-security/c/wB5tRn7h36c" }, { "reference_url": "https://rubygems.org/gems/actionpack", "reference_id": "", "reference_type": "", "scores": [], "url": "https://rubygems.org/gems/actionpack" }, { "reference_url": "https://weblog.rubyonrails.org/2021/8/19/Rails-6-0-4-1-and-6-1-4-1-have-been-released/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://weblog.rubyonrails.org/2021/8/19/Rails-6-0-4-1-and-6-1-4-1-have-been-released/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/12/14/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2021/12/14/5" }, { "reference_url": "https://security.archlinux.org/AVG-2492", "reference_id": "AVG-2492", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2492" }, { "reference_url": "https://security.archlinux.org/AVG-2493", "reference_id": "AVG-2493", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2493" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2021-22942", "reference_id": "CVE-2021-22942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/cve/cve-2021-22942" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22942", "reference_id": "CVE-2021-22942", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22942" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2021-22942.yml", "reference_id": "CVE-2021-22942.YML", "reference_type": "", "scores": [], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2021-22942.yml" }, { "reference_url": "https://github.com/advisories/GHSA-2rqw-v265-jf8c", "reference_id": "GHSA-2rqw-v265-jf8c", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-2rqw-v265-jf8c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-22942", "GHSA-2rqw-v265-jf8c" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qe2s-6tzh-cqfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5065?format=api", "vulnerability_id": "VCID-qk82-r2g6-aybs", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39905" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qk82-r2g6-aybs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5060?format=api", "vulnerability_id": "VCID-ut9b-11cr-bkat", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39912" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ut9b-11cr-bkat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5068?format=api", "vulnerability_id": "VCID-uy39-7hrr-5ffy", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39902" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uy39-7hrr-5ffy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5069?format=api", "vulnerability_id": "VCID-v64n-1e14-efd7", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39901" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v64n-1e14-efd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5063?format=api", "vulnerability_id": "VCID-xnry-kgm9-jygc", "summary": "multiple issues", "references": [ { "reference_url": "https://security.archlinux.org/AVG-2503", "reference_id": "AVG-2503", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2503" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/2146?format=api", "purl": "pkg:alpm/archlinux/gitlab@14.5.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-917n-jz2b-e7am" }, { "vulnerability": "VCID-fepf-ejxs-q3ca" }, { "vulnerability": "VCID-g5de-bp3c-zyen" }, { "vulnerability": "VCID-h3ty-1vaq-1ycs" }, { "vulnerability": "VCID-haxe-bcj1-gkf6" }, { "vulnerability": "VCID-nrdk-crpq-ruhp" }, { "vulnerability": "VCID-pxht-azaz-tucc" }, { "vulnerability": "VCID-qftw-cg67-qqam" }, { "vulnerability": "VCID-sjkk-juj7-6fgu" }, { "vulnerability": "VCID-srzt-hnqf-jqf1" }, { "vulnerability": "VCID-t6jf-4f5b-fuhc" }, { "vulnerability": "VCID-uxh4-t531-dbg8" }, { "vulnerability": "VCID-wkas-cbsw-uqda" }, { "vulnerability": "VCID-x8h1-66rk-wqdp" }, { "vulnerability": "VCID-xtmj-1q4t-nfdr" }, { "vulnerability": "VCID-xvw5-zdz3-x3h6" }, { "vulnerability": "VCID-yy81-z96r-cqb2" }, { "vulnerability": "VCID-zfyq-7vfp-vbb2" }, { "vulnerability": "VCID-zs2m-e9jm-37c1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.5.0-1" } ], "aliases": [ "CVE-2021-39907" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xnry-kgm9-jygc" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.3.3-2" }