Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/gitlab@14.1.1-1
Typealpm
Namespacearchlinux
Namegitlab
Version14.1.1-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version14.1.2-1
Latest_non_vulnerable_version15.2.1-1
Affected_by_vulnerabilities
0
url VCID-dpda-b429-ske5
vulnerability_id VCID-dpda-b429-ske5
summary Under specialized conditions, GitLab may allow a user with an impersonation token to perform Git actions even if impersonation is disabled. This vulnerability is present in GitLab CE/EE versions before 13.12.9, 14.0.7, 14.1.2
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22237
reference_id
reference_type
scores
0
value 0.00175
scoring_system epss
scoring_elements 0.38713
published_at 2026-04-26T12:55:00Z
1
value 0.00175
scoring_system epss
scoring_elements 0.38857
published_at 2026-04-01T12:55:00Z
2
value 0.00175
scoring_system epss
scoring_elements 0.38989
published_at 2026-04-02T12:55:00Z
3
value 0.00175
scoring_system epss
scoring_elements 0.39009
published_at 2026-04-04T12:55:00Z
4
value 0.00175
scoring_system epss
scoring_elements 0.3894
published_at 2026-04-07T12:55:00Z
5
value 0.00175
scoring_system epss
scoring_elements 0.38993
published_at 2026-04-08T12:55:00Z
6
value 0.00175
scoring_system epss
scoring_elements 0.39007
published_at 2026-04-09T12:55:00Z
7
value 0.00175
scoring_system epss
scoring_elements 0.39019
published_at 2026-04-11T12:55:00Z
8
value 0.00175
scoring_system epss
scoring_elements 0.38983
published_at 2026-04-12T12:55:00Z
9
value 0.00175
scoring_system epss
scoring_elements 0.38956
published_at 2026-04-13T12:55:00Z
10
value 0.00175
scoring_system epss
scoring_elements 0.39003
published_at 2026-04-16T12:55:00Z
11
value 0.00175
scoring_system epss
scoring_elements 0.38984
published_at 2026-04-18T12:55:00Z
12
value 0.00175
scoring_system epss
scoring_elements 0.389
published_at 2026-04-21T12:55:00Z
13
value 0.00175
scoring_system epss
scoring_elements 0.38737
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22237
1
reference_url https://security.archlinux.org/ASA-202108-7
reference_id ASA-202108-7
reference_type
scores
url https://security.archlinux.org/ASA-202108-7
2
reference_url https://security.archlinux.org/AVG-2251
reference_id AVG-2251
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2251
fixed_packages
0
url pkg:alpm/archlinux/gitlab@14.1.2-1
purl pkg:alpm/archlinux/gitlab@14.1.2-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.1.2-1
aliases CVE-2021-22237
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dpda-b429-ske5
1
url VCID-qs8s-5gm5-m3hy
vulnerability_id VCID-qs8s-5gm5-m3hy
summary An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0. It was possible to exploit a stored cross-site-scripting via a specifically crafted default branch name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22241
reference_id
reference_type
scores
0
value 0.00191
scoring_system epss
scoring_elements 0.40824
published_at 2026-04-26T12:55:00Z
1
value 0.00191
scoring_system epss
scoring_elements 0.40933
published_at 2026-04-01T12:55:00Z
2
value 0.00191
scoring_system epss
scoring_elements 0.41015
published_at 2026-04-02T12:55:00Z
3
value 0.00191
scoring_system epss
scoring_elements 0.41046
published_at 2026-04-04T12:55:00Z
4
value 0.00191
scoring_system epss
scoring_elements 0.40972
published_at 2026-04-07T12:55:00Z
5
value 0.00191
scoring_system epss
scoring_elements 0.41021
published_at 2026-04-08T12:55:00Z
6
value 0.00191
scoring_system epss
scoring_elements 0.41029
published_at 2026-04-09T12:55:00Z
7
value 0.00191
scoring_system epss
scoring_elements 0.41047
published_at 2026-04-11T12:55:00Z
8
value 0.00191
scoring_system epss
scoring_elements 0.41012
published_at 2026-04-12T12:55:00Z
9
value 0.00191
scoring_system epss
scoring_elements 0.40996
published_at 2026-04-13T12:55:00Z
10
value 0.00191
scoring_system epss
scoring_elements 0.41038
published_at 2026-04-16T12:55:00Z
11
value 0.00191
scoring_system epss
scoring_elements 0.41008
published_at 2026-04-18T12:55:00Z
12
value 0.00191
scoring_system epss
scoring_elements 0.40931
published_at 2026-04-21T12:55:00Z
13
value 0.00191
scoring_system epss
scoring_elements 0.40837
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22241
1
reference_url https://security.archlinux.org/ASA-202108-7
reference_id ASA-202108-7
reference_type
scores
url https://security.archlinux.org/ASA-202108-7
2
reference_url https://security.archlinux.org/AVG-2251
reference_id AVG-2251
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2251
fixed_packages
0
url pkg:alpm/archlinux/gitlab@14.1.2-1
purl pkg:alpm/archlinux/gitlab@14.1.2-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.1.2-1
aliases CVE-2021-22241
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qs8s-5gm5-m3hy
2
url VCID-tk7s-v2w6-ukhr
vulnerability_id VCID-tk7s-v2w6-ukhr
summary An unauthorized user was able to insert metadata when creating new issue on GitLab CE/EE 14.0 and later.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22239
reference_id
reference_type
scores
0
value 0.00165
scoring_system epss
scoring_elements 0.37218
published_at 2026-04-26T12:55:00Z
1
value 0.00165
scoring_system epss
scoring_elements 0.37411
published_at 2026-04-01T12:55:00Z
2
value 0.00165
scoring_system epss
scoring_elements 0.37577
published_at 2026-04-02T12:55:00Z
3
value 0.00165
scoring_system epss
scoring_elements 0.37601
published_at 2026-04-04T12:55:00Z
4
value 0.00165
scoring_system epss
scoring_elements 0.37478
published_at 2026-04-07T12:55:00Z
5
value 0.00165
scoring_system epss
scoring_elements 0.37529
published_at 2026-04-08T12:55:00Z
6
value 0.00165
scoring_system epss
scoring_elements 0.37542
published_at 2026-04-16T12:55:00Z
7
value 0.00165
scoring_system epss
scoring_elements 0.37556
published_at 2026-04-11T12:55:00Z
8
value 0.00165
scoring_system epss
scoring_elements 0.37521
published_at 2026-04-12T12:55:00Z
9
value 0.00165
scoring_system epss
scoring_elements 0.37495
published_at 2026-04-13T12:55:00Z
10
value 0.00165
scoring_system epss
scoring_elements 0.37523
published_at 2026-04-18T12:55:00Z
11
value 0.00165
scoring_system epss
scoring_elements 0.37459
published_at 2026-04-21T12:55:00Z
12
value 0.00165
scoring_system epss
scoring_elements 0.37239
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22239
1
reference_url https://security.archlinux.org/ASA-202108-7
reference_id ASA-202108-7
reference_type
scores
url https://security.archlinux.org/ASA-202108-7
2
reference_url https://security.archlinux.org/AVG-2251
reference_id AVG-2251
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2251
fixed_packages
0
url pkg:alpm/archlinux/gitlab@14.1.2-1
purl pkg:alpm/archlinux/gitlab@14.1.2-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.1.2-1
aliases CVE-2021-22239
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tk7s-v2w6-ukhr
3
url VCID-xuub-mcj4-rqhg
vulnerability_id VCID-xuub-mcj4-rqhg
summary Due to improper handling of OAuth client IDs, new subscriptions generated OAuth tokens on an incorrect OAuth client application. This vulnerability is present in GitLab CE/EE since version 14.1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-22236
reference_id
reference_type
scores
0
value 0.00225
scoring_system epss
scoring_elements 0.45154
published_at 2026-04-26T12:55:00Z
1
value 0.00225
scoring_system epss
scoring_elements 0.45147
published_at 2026-04-01T12:55:00Z
2
value 0.00225
scoring_system epss
scoring_elements 0.45228
published_at 2026-04-02T12:55:00Z
3
value 0.00225
scoring_system epss
scoring_elements 0.45249
published_at 2026-04-04T12:55:00Z
4
value 0.00225
scoring_system epss
scoring_elements 0.45192
published_at 2026-04-07T12:55:00Z
5
value 0.00225
scoring_system epss
scoring_elements 0.45248
published_at 2026-04-08T12:55:00Z
6
value 0.00225
scoring_system epss
scoring_elements 0.45247
published_at 2026-04-09T12:55:00Z
7
value 0.00225
scoring_system epss
scoring_elements 0.45269
published_at 2026-04-11T12:55:00Z
8
value 0.00225
scoring_system epss
scoring_elements 0.45237
published_at 2026-04-12T12:55:00Z
9
value 0.00225
scoring_system epss
scoring_elements 0.45239
published_at 2026-04-13T12:55:00Z
10
value 0.00225
scoring_system epss
scoring_elements 0.4529
published_at 2026-04-16T12:55:00Z
11
value 0.00225
scoring_system epss
scoring_elements 0.45285
published_at 2026-04-18T12:55:00Z
12
value 0.00225
scoring_system epss
scoring_elements 0.45235
published_at 2026-04-21T12:55:00Z
13
value 0.00225
scoring_system epss
scoring_elements 0.45146
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-22236
1
reference_url https://security.archlinux.org/ASA-202108-7
reference_id ASA-202108-7
reference_type
scores
url https://security.archlinux.org/ASA-202108-7
2
reference_url https://security.archlinux.org/AVG-2251
reference_id AVG-2251
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2251
fixed_packages
0
url pkg:alpm/archlinux/gitlab@14.1.2-1
purl pkg:alpm/archlinux/gitlab@14.1.2-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.1.2-1
aliases CVE-2021-22236
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xuub-mcj4-rqhg
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.1.1-1